Solution Benefits

SINGLE PLATFORM FOR ENDPOINT SECURITY AND LEAST PRIVILEGE

Leverage the ePO console to deploy least privilege rules to Windows clients, simplifying management.

Utilize the ePO agent on all client endpoints to update and enforce least privilege rules, minimizing complexity and performance problems without requiring additional hardware.

MAKE LEAST PRIVILEGE DECISIONS BASED ON ASSET VULNERABILITY STATUS

Perform complete network scans to discover all vulnerabilities, correlate user analytics, and make least privilege decisions based on real insights.

GAIN A COMPLETE VIEW OF ALL ASSETS IN THE ENVIRONMENT

Review health and performance information from BeyondTrust’s UVM appliances via the ePO console.

In a recent privilege management survey, respondents indicated that 86% of users have too much access. When a user is an administrator, the risk is even greater: an external threat or malicious insider can leverage admin permissions to move laterally throughout an environment, wreaking untold damage on a company’s data and assets.

The natural reaction for IT is to enhance endpoint protection, and also to remove administrative rights so that attackers cannot gain a beachhead on important assets. All of this must be done quickly and efficiently to close security gaps without disrupting workflows. This process starts with having a solid endpoint protection strategy for addressing malware and a complementary strategy for managing privileges.

Unified Least Privilege and Endpoint SecurityTo meet these goals, BeyondTrust PowerBroker for Windows integrates with McAfee ePolicy Orchestrator (ePO). The integrated solution centralizes security, manages least privileged access via ePO, and leverages policy to link security threats to privileged access. This helps you orchestrate a proactive approach to addressing multiple attack vectors.

PowerBroker for Windows & McAfee ePolicy OrchestratorUnified Least Privilege and Endpoint Security

Together, BeyondTrust and McAfee provide a single platform for endpoint security and least privilege.

Solving Least Privilege Use Cases The integration between PowerBroker for Windows and McAfee ePolicy Orchestrator addresses several critical use cases for organizations embracing least privilege:

y Deliver a lightweight client that integrates with your existing environment to enforce least privilege policies

y Provide a single platform for privileged event policy and reporting

y Enable admin rights removal without impacting the end user’s workflow

y Protect against keystroke loggers and password-stealing techniques, such as Pass-the-Hash, using a least privileged client for application elevation

y Audit and report all privileged activity and privilege elevation requests

PowerBroker for Windows: Endpoint Least Privilege ManagementBeyondTrust PowerBroker for Windows reduces the risk of privilege misuse on physical and virtual Microsoft Windows servers and desktops. By eliminating Windows administrator privileges, simplifying the enforcement of least-privilege policies, maintaining application access control, and logging privileged activities, IT closes security gaps and improves operational efficiency.

y Elevate privileges on an as-needed basis, without reducing productivity

y Enforce least-privilege access based on an application’s known vulnerabilities via patented, vulnerability-based application management capabilities

y Demonstrate compliance by monitoring event logs and file integrity for unauthorized changes to key files and directories

y Capture keystrokes and screens when rules are triggered; with searchable playback for complete documentation of privileged activity

y Integrate with McAfee ePO for complete endpoint security and least privilege

y Integrate with other BeyondTrust privileged access and vulnerability management solutions for complete coverage

McAfee ePO: A Single Console for All Your Security Management NeedsMcAfee ePolicy Orchestrator is the most advanced, extensible, and scalable centralized security management software in the industry.

y Get a unified view of your security posture with drag-and-drop dashboards that provide security intelligence across endpoints, data, mobile, and networks

y Simplify security operations with streamlined workflows for proven efficiency

y Utilize flexible security management options with premises-based and cloud-based management versions

y Leverage your existing third-party IT infrastructure from a single security management console with an extensible architecture

© 2017 BeyondTrust Corporation. All rights reserved. BeyondTrust, BeyondInsight and PowerBroker are trademarks or registered trademarks of BeyondTrust in the United States and other countries. McAfee, Microsoft, Windows, and other marks are the trademarks of their respective owners. April 2017

The PowerBroker Privileged Access Management Platform

PowerBroker for Windows is part of the BeyondTrust PowerBroker Privileged Access Management Platform, which delivers visibility and control over all privileged accounts, users, and assets. The platform integrates a comprehensive set of PAM capabilities to simplify deployments, reduce costs, improve system security, and reduce privilege-related risks. PowerBroker solutions include:

y Enterprise Password Security: Provide accountability and control over privileged credentials and sessions.

y Server Privilege Management: Control, audit, and simplify access to business-critical systems.

y Endpoint Least Privilege: Remove excessive user privileges and control applications on endpoints.

CONTACT

North America info@beyondtrust.com

EMEAemeainfo@beyondtrust.com

APAC apacinfo@beyondtrust.com

LATAMlatam@beyondtrust.com

CONNECT

Twitter: @beyondtrustFacebook.com/beyondtrustLinkedin.com/company/beyondtrustwww.beyondtrust.com