Hitachi ID Privileged Access Manager
March 01, 2016
£36,319 for 1,000 managed endpoints.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Solid system with many integration options.
- Weaknesses: A bit pricey due to the need for included devices and software.
- Verdict: Fine product overall, but don’t forget that a platform and a backend database are required and need to be considered in the lifecycle cost of ownership.
The Hitachi ID Privileged Access Manager is a more traditional privileged account manager product with some really great features and functionality. This tool allows administrators to easily schedule the randomising of privileged account passwords across many different systems, including Windows, Linux, UNIX, network devices and applications. Once passwords are randomised, they are stored in an encrypted vault and can be accessed by users or groups depending on assigned policy.
This product is a software-based install and requires a server, either physical or virtual, on which to be installed. Also required is access to a SQL server instance to install the backend password database. Setup and installation are wizard driven and straightforward. Once installation is complete, the product is managed via a simple web-based management interface. We found the interface to be easy to navigate with an intuitive layout. Also, users and groups can be managed directly within Active Directory allowing for seamless integration with the already existing infrastructure.
From a user perspective, this solution allows for access into systems using native or browser-based clients for access flexibility depending on need. Its true standout functionality is its ability to manage pretty much anything with a privileged credential. The Privileged Access Manager includes native connectors for dozens of systems and applications, including the ability to be injected directly into application code to manage service accounts or application accounts. Customers can also create custom connectors for almost any application.
User access to systems can include access through a terminal client, such as Terminal Services or Putty, copying and pasting a password without being able to see it, having the users account temporarily and automatically placed in a security group, temporarily append SSH keys, or directly display the password to the user. All access methods can be assigned based on user or security group within Active Directory. From an auditing and logging perspective, this product offers detailed logging of session activity, including fully recorded sessions and full audit trail. Along with the detailed logging, this offering has ties into the Hitachi ID Identity Manager suite, which allows for greater granularity and integration with user accounts and access policies. Further, Privileged Access Manager can directly integrate with several ticketing systems which would require a ticket be generated before a user could access specific systems, and ticket workflow could require specific conditions be met before the user can carry out their request.
Documentation included installation and user guides in PDF format. Both include detailed configuration and usage instructions along with many screen shots and step-by-step examples. Both were also easy to follow and well-organised.
Hitachi offers phone- and email-based technical support as part of an annual maintenance subscription. This also includes full updates and product upgrades as long as it is active. Customers also get access to a web-based support portal, which includes many resources, such as a knowledge base, technical documentation, custom connector packages and training materials.
The Hitachi ID Privilege Access Management suite is easy to deploy and easy to use and includes granular configuration options. At a price of about £36,304 for a 1,000-endpoint licence, we find this product to be a good value for the money. However, server and SQL software also are required and are not part of the price.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Microsoft update left Azure Linux virtual machines open to hacking
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry