Imprivata Privileged Access Management Product Update 2.3.201905122212
May 12, 2019
PAM Update: adds traffic recording for MySQL and MS SQL Server databases, Audit Log archiving and broader support for Radius MFA
Today we released a new update to the Xton Privileged Access Manager software.
This update adds traffic recording for MySQL and MS SQL Server databases, Audit Log archiving and broader support for Radius MFA.
Added traffic recording for MySQL and MS SQL Server databases
The update adds the option to save SQL statements to the Session Events Logs when connecting to MySQL or MS SQL Server database servers through SSH Proxy tunnels using native clients such as MySQL Workbench, MS SQL Studio, command line SQL prompts or other client applications.
Recording SQL traffic helps to understand typical administration activities, to alert stakeholders about suspicious queries and to comply with regulations.
The traffic recording option is controlled by the Session Events Recording permission level set up for the SSH Tunnels used to establish the SQL connection.
The traffic recording option is enabled automatically for tunnel channels opened through an SSH Tunnel to the standard ports (port 3306 for MySQL and port 1433 for MS SQL). It is also possible to provide hints to the SSH Tunnel to enable traffic monitoring for connections established on non-standard ports.
To provide a hint for the SSH Tunnel record, first create a field in the Record Type describing the SSH Tunnel record with the Name: TrafficIntercepterHints, Display Name: Traffic Intercepter Hints, Type: String. After that, create a value for the hint in the SSH Tunnel record itself.
The hint is a comma-, space- or semicolon-separated list of protocols and ports that should be recorded. For example, the hint mssql:1444 mysql:3333 instructs the tunnel to record MS SQL Server traffic connecting to port 1444 and MySQL traffic connecting to port 3333.
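A hint value can be checked before it is saved to the record. The following is an added example, not code from the product: a pre-flight check that parses the hint format described above and lists the ports expected to be recorded. The function names, the strict lower-case matching of protocol names and the rejection of conflicting port assignments are assumptions of this example, not documented product behavior.

```python
import re

# Protocol names and standard ports as stated in the release notes.
DEFAULT_PORTS = {"mysql": 3306, "mssql": 1433}

# One hint entry is protocol:port, e.g. mssql:1444.
ENTRY = re.compile(r"([a-z]+):([0-9]{1,5})")


def parse_hints(hint: str) -> dict[int, str]:
    """Parse a hint string into {port: protocol}; raise ValueError on bad input."""
    recorded: dict[int, str] = {}
    # Separators named in the notes: comma, space or semicolon.
    for token in filter(None, re.split(r"[,;\s]+", hint.strip())):
        match = ENTRY.fullmatch(token)
        # Assumption: only the two protocol names shown in the notes are valid.
        if match is None or match.group(1) not in DEFAULT_PORTS:
            raise ValueError(f"unrecognised hint entry: {token!r}")
        proto, port = match.group(1), int(match.group(2))
        if not 1 <= port <= 65535:
            raise ValueError(f"port out of range in hint entry: {token!r}")
        # Assumption: one port cannot be recorded as two different protocols.
        if recorded.get(port, proto) != proto:
            raise ValueError(f"port {port} is assigned to two protocols")
        recorded[port] = proto
    return recorded


def recorded_ports(hint: str) -> dict[int, str]:
    """Standard ports plus hinted ports: the channels expected to be recorded."""
    effective = {port: proto for proto, port in DEFAULT_PORTS.items()}
    for port, proto in parse_hints(hint).items():
        if effective.get(port, proto) != proto:
            raise ValueError(f"hint maps standard port {port} to {proto}")
        effective[port] = proto
    return effective


if __name__ == "__main__":
    # The example hint from the release notes.
    print(recorded_ports("mssql:1444 mysql:3333"))
```
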
Added Audit Log archiving option
The update adds the option to automatically archive audit log entries: old entries are saved as a CSV export in the system export folder and deleted from the database based on the configured Audit Log Retention time in days.
The option is useful to comply with the organization's electronic records retention policies as well as to limit the load on the system database.
Added broader support for Radius MFA
The update adds support for the Multi-Factor Authentication option using Radius-based devices that require the user to authenticate with the credentials provided during the first-factor stage, and that generate a customized token for each user based on this repeated first-factor authentication.
One example of such a device is SMS Passcode, which is popular in Northern Europe.