Imprivata Privileged Access Management Product Update 2.3.202005102258

May 10, 2020

PAM Update: Added session recoding for scp and command execution protocols through SSH Proxy

This update adds session recording for scp file transfer and command execution protocols through SSH Proxy and adds overwrite option for fields inherited from referenced records.

Added session recording for scp file transfer and command execution protocols through SSH Proxy

The update adds more information recorded during SSH Proxy sessions.

Specifically, the update adds the option to save files transferred by scp command (ScpUpload and ScpDownload event types) as well as to record input and output streams of commands executed on the remote servers (InputStream and OutputStream events).

The recorded events are available on the Session or Global Session Events reports with event metadata (timing, file names, sizes) and the option to download transferred files, input or output streams for review.

One of the useful applications of this new option is to capture and record protocol exchange initiated by automation software such as Ansible communicating with SSH end-points using exec or scp commands.

The option is available for users with permissions requiring session events recording.

Added the option to overwrite fields inherited from referenced records

The new update adds the option to overwrite fields inherited from referenced records by marking these fields with $null values to simplify the management of shared credentials.

The option allows using the same record type to share the same credentials or other fields between multiple records without the need to maintain a separate record type for the base record.

Among other cases, this update simplifies the option to import records from 3rd party systems based on the same credentials. In this case, the import file specifies based shared record with defined User and Password as well as $null in Host as the same record type as all other records.

Other records then reference the one with the credential overwriting the Host value.