Privileged Session Recording

(Feature available only in Premium Edition)

Overview

Privileged sessions launched from Password Manager Pro can be recorded, archived and played back to support forensic audits and let enterprises monitor all actions performed by privileged accounts during privileged sessions. Session recording caters to the audit and compliance requirements of organizations that mandate proactive monitoring of activities. Administrators can readily answer questions regarding the ‘who,’ ‘what’ and ‘when’ of privileged access.

Password Manager Pro enables recording of Windows RDP, SSH and Telnet sessions launched from the product.

How secure is session recording?

Password Manager Pro employs first-in-class, browser-based remote login mechanism for the session recording process. From any HTML5-compatible browser, users can launch highly secure, reliable and completely emulated Windows RDP, SSH and Telnet sessions with a single click, without the need for additional plug-in or agent software. Remote connections are tunneled through the Password Manager Pro server, requiring no direct connectivity between the user device and remote host. In addition to superior reliability, the tunneled connectivity provides extreme security as passwords needed to establish remote sessions do not need to be available at the user’s browser. The new session recording capability is an extension of the robust remote login mechanism.

From version 6500, PMP comes bundled with RDP, SSH and Telnet session gateways. This allows the users to launch remote terminal sessions from their browser that are tunneled through the PMP server. The remote terminal sessions are emulated in the browser screen itself and hence there is no need for installing any plug-in or agent in any end-points. The only requirement is the browser should be HTML 5 compatible (For example IE 9 or above, FF 3.5 or above, Safari 4 or above, Chrome).

How to enable session recording?

Session recording can be enabled through a simple administrative setting. Navigate to Admin >> General and click "Session Recording".

In the GUI that opens up, select the text boxes "Enable recording of RDP sessions" and/or "Enable recording of CLI sessions" as required. Once this is done, as soon as an administrator adds a resource that supports one of these remote terminal session types (RDP, SSH, Telnet), the session recording feature becomes available.

Whenever a user launches a recomote connection, whatever they do afterwards gets recorded.

How to view/playback the recorded sessions?

The recorded sessions are available for view under "Audit" tab. Along with Resource Audit, User Audit and Task Audit, "Recorded Sessions" has been added as a separate tab. You can trace the required session through the name of the resource, user who launched the session, time at which the session was launched etc. Just click "Play" at the end of each entry to view the recorded session.

Purging Recorded Sessions

The recorded sessions occupy only very little space in the database. However, if you have a large number of resources with session recording enabled, you need to have a few GBs available in the DB.

  • If you do not need the session recordings that are older than a specified number of days, you can purge them
  • Navigate to "Resource Audit" section and go to the end of the page. To purge the records that are older than a specified number of days, specify the number in the text-box against the field "Purge Audit Records".
  • Click "Save". The Session Recordings that are older than the number of days specified by you, will be purged

©2014, ZOHO Corp. All Rights Reserved.

Top