Pars Pam (Pars Pam)

Product introduction: Pars PAM remote access management and monitoring system

A remote access management system is a highly effective solution that helps manage, control, and monitor user activities. This solution provides a centralized policy framework for the IT security team to provide the necessary authorization for role-based privileges and Delegate responsibility and provide limited access to privileged accounts.

Secure and controlled access in order to establish internal or external interactions has always been one of the main concerns of large organizations. The variety of software and operating systems used, as well as the dependence of all parts of the organization on software systems, have created a platform prone to unintentional and planned malicious actions. In this regard, deterrence, prevention, diagnosis and audit are 4 important and vital principles in local and remote access management.

applications

• Central Security Policy Enforcement Point: A central security policy enforcement point where administrators can restrict user activity to the level of command execution based on predefined policies.
• Integration point for multiple tools: One integration point for multiple authentication tools including password management and multi-factor authentication tools.
• Real-time monitoring: Real-time monitoring enables security teams to monitor and monitor the activity of privileged users live.
• Recording of meetings: recording of meetings provides the possibility of checking the traces, which can answer the question of “who did what?” in critical times. specified
• Four-eye authorization system: two-way control, which refers to the authorization system known as “four eyes” in which performing certain actions and executing certain commands requires real-time authorization by the supervisor.
• Responding to security breaches :warning and destroying sessions in case of security policy violations by the user.

Attributes

Among the most important features of the “remote access management and monitoring system” are the following:

• Support for 4 common remote access protocols: RDP, SSH, VNC, TELNET
• User interface based on HTML5 and WebSocket web technologies
• No need to install any plugins or add-ons
• Can be installed in transparent and non-transparent mode
• The possibility of access through mobile devices such as mobile phones or tablets
• The possibility of installing the system in several separate points and managing access through a user interface
• Installation and commissioning without the need to make changes to the network infrastructure
• Easy and powerful management for users and system administrators
• Accurate recording of events during users’ communication with network resources
• Ability to OCR all page content
• Ability to search commands sent to the server
• Limiting the access of senior system managers
• Two-step authentication
• Safe storage of passwords
• Monitoring communications
  • SSH
  • VNC
  • Remote Desktop
  • Telnet
• Control and check meetings in real time and live
• Manage SSH keys
• Advanced user access control to system resources
• Advanced user access control to servers
• Advanced settings to control user access to the system
• Various control settings including
  • Email sender
  • SMS sender
  • SNMP
  • File transfer on FTP platform
• Bastion’s ability to limit gateway access to servers
• Virtual grouping
• The ability to customize the dashboard is limited
• Work process management
• Improving the level of access and management of roles
• Ability to register authentication systems
  • Active Directory
  • LDAP
  • Radius
  • TACACS+
• Unified login using a user password
• Added users from Active Directory
• Access control by an admin
• Time management of uploaded server files
• Creating multiple simultaneous sessions for one user
• Allocate access for each user individually
• Flexible report generator for exporting resources in the format
  • Excel file
  • PDF file
• conformity
  • Custom reporting
  • Text log
  • Connection statistics chart
• Complete review of user interaction with network resources by applying precise timing:
  • screen
  • keyboard
  • mouse
  • clipboard
  • Two-way file transfer
• Ability to export user interaction as video (screen) and text files (keyboard)
• Recording all system events such as login, connection and disconnection of users and sending them to other centralized event recording systems.

The architecture of this product is also shown in the figure below:

For more information, please contact Cert Center of Shahrood University of Technology.