List of Modules and Features in PAM360

The following table presents the list of all features grouped under different modules that altogether demonstrate the working strategy of PAM360:

Module Feature Description

User Management

AD / LDAP support /Azure AD


Smart Card Authentication

Integration with an external directory server for user management and authentication.

If you have a smart card authentication system in your environment, you can configure PAM360 to authenticate users with their smart cards, bypassing other first factor authentication methods like AD, LDAP or Local Authentication.

User Roles

Five different user roles providing fine-grained access control.

Custom Roles

In addition to the pre-defined roles in PAM360, the administrator can also create custom roles for your users. The role customization option allows you to create new role from scratch, by selecting the desired options from the list of 100+ operations available in PAM360.

Super Administrator

Enabling an administrator to see all the resources in the system unconditionally.

User Groups

Create groups of users for carrying out operations in bulk.

Domain Single Sign On

Pass through authentication for PAM360 server, when integrated with AD.

Single Sign on using SAML

PAM360 offers support for SAML 2.0, which facilitates integration with Federated Identity Management Solutions for Single Sign-On.

Resource Management

Resource types

Categorise resources based on their types (for e.g Windows Servers). Create and manage your own resource types, in addition to the default types.

Resource Groups

Create groups of resources / passwords and manage the groups. Carry out password management operations in bulk.

Nested Resource Groups

Maintain resource groups in hierarchical structure (groups, sub-groups) for navigational convenience.

Share Resources/Groups

Share resources /resource groups with desired users/user groups.

Exporting Resources

PAM360 provides multiple export options for secure offline access and safekeeping of password information.

  • The basic option is to export password in plain text.
  • The more secure option is to export the passwords to an encrypted HTML file.

PAM360 Agents

The agents periodically check for tasks by opening a secure connection with the server and no longer need to have a port open in the system they are installed.

Password Management

Resource Customization

Add attributes to resources and accounts according to your needs.

Password Access Control Workflow

Helps enforce enhanced access control in the product. The user, who requires a password, will have to 'request the release' and one or more administrators will authorize the request. The password availability to the user is time limited. It will be automatically reset thereafter and the user will thereby forfeit the access.

Password Policies

Create and manage your own password policies for enforcing their adoption through PAM360.

Password Resets

Perform password resets to resources from PAM360 (Windows, Windows Domain, Linux, IBM AIX, HP UNIX, Solaris, Mac OS, MS SQL server, Oracle DB Server, Sybase ASE, HP ProCurve and Cisco Devices (IOS, CatOS, PIX)).

Password Reset Schedules

Automate password resets

Password Actions / Notifications

Generate alerts for various password events and specify action to be taken on password events.

Password Reset Listener

Invoke a custom script to initiate desired action on password changes.

Windows Service Account Management

Keep your windows service account and scheduled task passwords synchronized with the corresponding domain account.

IIS App Pool Account Password Reset

Support for automatically resetting the passwords of associated IIS AppPool accounts when the domain account passwords are reset through PAM360.

Auto Logon Helper

Connect to target systems with a single click from PAM360 console without having to actually see the passwords.

Password Management API

Setup your applications to query PAM360 for A-to-A and A-to-DB passwords.

Remote Access Management & Privileged Session Recording

Privileged sessions launched from PAM360 can be recorded, archived and played back to support forensic audits and allow enterprises to monitor all actions performed by privileged accounts during privileged sessions.

Ticketing System Integration

PAM360 provides the option to integrate a range of ticketing systems to automatically validate service requests related to privileged access.

Privileged Accounts Discovery

PAM360 provides the option to automatically discover the IT assets in your environment and enumerate the privileged accounts associated with them, thus helping enterprises to secure all their privileged identities in quick time.

Audit and Reports

Audit

Comprehensive audit of all operations done on resources, passwords and users. Export to pdf and email.

Audit Filters

Create Filters to view only those audit records that are of interest.

Audit Notification

Choose to send/receive notification as e-mail / SNMP trap / Syslog on the occurrence of desired audit events.

Canned Reports, Custom Reports

Intuitive reports on password inventory, compliance, expiry, resource and user activity. Print reports, export to pdf and email.


Provision for generating various custom reports to suit specific business requirements.

Query Reports

This new addition to the Reports section now allows administrators to construct reports by writing their own SQL statements. The statements can be used to directly query the PAM360 database and fetch required information to address unique reporting requirements.

Dashboard

Password and user dashboard providing a snapshot on password management activities.

Non-functional Features

Two-Factor Authentication

Enforcing users to identify themselves with two unique factors before they are granted access to the web-interface.

Backup for Disaster Recovery

Setup backup of the PAM360 database for disaster recovery purposes.

High Availability

setup redundant PAM360 servers to provide high availability of PAM360 application.

Failover Service

The Failover Service in PAM360 is also aimed at ensuring uninterrupted access to passwords and other privileged resources.

Customize Email Notification Content

By default, PAM360 has a specific content for the email notification for various password actions. If you want, you can customize the content and have your own content.

Re-brand

Use your own logo in the PAM360 user interface.

General Settings

Switch on and off various features on need basis.

Manage Encryption Key

Option to quickly change the location of the master encryption key and store it outside of the machine in which PAM360 is installed, in another machine, or an external drive.

Manage Schedules

Option to quickly view and edit all the schedules created in the product single, centralized page.

RESTful API

RESTful APIs, help you to connect, interact and integrate any application with PAM360 directly.

Browser extension

Seamlessly auto-logon to websites and applications, launch RDP and SSH sessions, access existing passwords, and add new ones - all from PAM360's extensions for Chrome and Firefox browsers, without leaving the browser tab you're in.

©2019, ZOHO Corp. All Rights Reserved.

Top