Imprivata Privileged Access Management Product Update 2.3.202006282252

June 28, 2020

PAM Update: Added periodic health check notifications, custom port and protocol for Windows Remote PowerShell access and password generation for local users

This update added a health-check notification process monitoring the state of various system components, custom port for Windows Remote PowerShell access and password generation for local users.

Added periodic health check notification

The update added system process to health check, report, post to the audit log and stream to SIEM systems the status of various system components.

The health check process attempts to directly connect to the endpoint of the following components: SSH, RDP, HTTP Proxy, all integrated LDAP servers and also verifies the other nodes check-in times.

The results of the health check are reported on the node monitoring page and also posted on the Audit Log.

In addition to the notifications about the failed components posted to the audit log on the Warning level, the system also posts periodic (once an hour) heartbeat audit log messages on the Information level confirming the expected operation of system components and integrated user directories.

Administrators can subscribe to the audit log Health Check events or to SIEM system messages to receive notifications about failure in the system components or heartbeat stream to confirm normal operation.

Added custom port and protocol for Windows Remote PowerShell access

The update added the option to define a custom port for password reset and job execution for Windows Remote PowerShell strategy using WinRM protocol by specifying the port number in the record type Number field ServicePort (default 5985).

The update also adds the option to define transport protocol for password reset and job execution for Windows Remote PowerShell strategy using WinRM protocol by selecting SSL option in a record type Checkbox field EnabledSSL (default off).

These options allow to execution of password reset and other remote job scripts on the servers with custom PowerShell port and protocol.

Added password generation option for local users

The update added the options to generate, reveal and copy passwords to clipboards when creating or editing local users.

The option simplifies sending notifications to users and contractors about provisioning their local accounts while promoting password strength best practices for the accounts accessing the system.