Lieberman RED – Rapid Enterprise Defense Identity Management helps you enforce temporary escalation of privilege so that individual users are granted administrative access to designated machines for a limited time. This eliminates the disclosure of potentially shared credentials, so that users or their compromised computers can’t reveal passwords that attackers could exploit to gain lateral movement.
By providing time-limited escalation for targeted devices, you can protect your network against attacks that use Pass-the-Hash, Kerberos golden tickets, and other exploits. Users can be selectively added to Windows user groups through self-service elevation or other workflow and orchestration processes, and then later are automatically removed without further human intervention.
Get Just in Time / Just Enough Privileged Access
RED Identity Management makes it easy for organizations to enforce fine-grained control of elevated access. Authorized users of the RED Identity Management Web application can request to have rights elevated on selected target systems for designated periods of time. This provides a direct audit trail of their access and assures compliance with any domain level policies.
As an RED Identity Management administrator, you can configure:
- Account groups selected for elevation
- Time limits (down to one-minute granularity) for elevation
- Permissions for selected personnel (such as help desk managers) to elevate others
- End-user email alerts to pending elevation expiration
- Selection of pre-configured “long” and “short” delegation times that you specify
Configuring Account Elevation Rules with RED Identity Management
RED Identity Management administrators can establish delegation rules by identity types and by management sets to allow, for example, IT staff who are responsible for a particular type of system and selected geographies to access the appropriate systems using elevated credentials. RED Identity Management provides an authoritative audit trail of each access request to prove compliance with your organization’s policies.
As a result, users and their computers never retain long-term knowledge of elevated credentials, greatly reducing the attack surface of your network should attackers gain a foothold on a compromised system.