Privileged Session Management

Part of your Privileged Access Management solution

Privileged Session Management (PSM) controls privileged user access to your IT systems, neutralizing hacks and offering unprecedented control. PSM is fast to deploy and integrates seamlessly into existing networks, so you can keep compliant with the latest security regulations and realize the ROI of better security quickly.

Central Control Point

Stay compliant by managing access to your critical IT assets with a centralized authentication and control point.

Prevent and Deter Malicious Activity

Monitor privileged user sessions in real-time, detect rogue behavior, accelerate incident response with session termination or alerts.

Fully Forensic Playback

Discover a breach source through detailed session data and searchable, movie-like playback. Identify risks and vulnerabilities.

Realise ROI Fast

Install a fully operational session management solution within a week, with minimal changes to your IT environment.


How to use PSM effectively
within an
overall PAM

Mitigate against privileged account risks
Get in touch

Granular Access Control

PSM acts as an application level proxy gateway. Transferred connections and traffic are inspected on an application level, rejecting all traffic violating the protocol. With this high-level understanding of network traffic you can control the features of the protocols, such as authentication and encryption methods used in SSH connections, or channels permitted in RDP traffic.

  • Full support

    For SSH, RDP, HTTP(s), Citrix ICA, Telnet, TN3270/TN5250, VNC, X11 and VMware View protocols

  • Audit file transfers

    Either SCP, SFTP or HTTP(s)

  • Detailed access control

    Based on time and user group policies

Authentication and Authorization

Enforce the use of two-factor authentication methods and verify the public key of users in your network. PSM has a built-in capability to verify SSH host keys and certificates – identifying servers, preventing man-in-the-middle attacks and other threats, completely independent from the authentication that the user performs on the remote server.

  • Gateway authentication and integration

    Including Microsoft AD, LDAP or RADIUS, and multifactor authentication backends

  • User-mapping policies

    Describe who can use a shared user to access your remote server

  • Password vaulting

    Either through the built-in Credential Store, or integration with a third-party password management system

  • Server-side auto-login

    Balabit impersonates the authenticated user on the server

  • Four eyes authorization

    Avoid accidental misconfiguration

Searchable, Movie-Like Session Recording

PSM can be deployed as a physical or virtual appliance that automatically handles transparent and non-transparent connections to other systems, allowing it to integrate seamlessly alongside your existing password management, ticketing, SIEM and system management tools. To simplify integration with firewalled environments, PSM supports both source and destination address translation (SNAT and DNAT).

  • Complete documentation

    All remote system access recorded

  • Tamper-proof audit trails

    Everything encrypted, signed and time-stamped

  • Control your session playback

    Fast forward functionality and quick, free text session search

  • Custom reports

    For activity and compliance

Seamless Integration Into Your Security Ecosystem

Your network infrastructure is seamlessly integrated with a physical or virtual PSM appliance that automatically handles transparent and non-transparent connections, allowing PSM to slot in alongside your existing password management, ticketing, SIEM and system management tools. To simplify integration with firewalled environ-ments, it supports both source and destination address translation (SNAT and DNAT).

  • Independent and agentless

    With both network appliance and design

  • Flexible network configuration

    Including virtual LAN support and a high availability option

  • Virtual appliance options

    VMware and MS Hyper-V

  • Cloud deployment

    In Microsoft Azure and Amazon Web Services

PSM as part of PAM

Privileged Access Management goes beyond password-based authentication to protect your business against privileged access misuse. The PSM component establishes a central control point for authentication and authorization, helping you to stop malicious behavior and speed up forensics without affecting the workflows of genuine, legitimate privileged access users.

Recent Resources

Audit Reporting in Shell Control Box

Shell Control Box (SCB), Balabit' privileged u er monitoring appliance, feature  a comprehen ive reporting y tem, which...

Best Practice for Incident Forensics

Today ecurity incident are a que tion of when, not if: every company, mall and large, face the threat of being a...

Calibrating anomaly scores

In thi blog po t, we are going to di cu how to calibrate anomaly core to make ure that the core are tru ted...

“Lorem ipsum dolor sit amet, consectetur adipisicing elit. Sint minima earum velit, dolorem fuga impedit onsectetur adipisicing dolorem.”

– Lorem ipsum, Lorem ipsum