Cloud services combine all the administrative controls for a datacenter, put them on the Internet, and protect them with little more than a simple username and password. The accounts with the highest privileges present the highest risk if they are compromised or misused. Even tasks that need simple read only permissions risk accidental data disclosure or a full breach. Traditional monitoring tools can detect some forms of abuse, errors, and threats, however it’s not consistent and often it’s long after the damage has been done.
FIREMON
Authorization Control
Defend your IAM perimeter with integrated just-in-time approvals and increased security measures
Precision Control for Admins, Developers, and Incident Response
FireMon Authorization Control
FireMon Authorization Control eliminates permanent IAM privileges assigned to users using just-in-time access and precision identity policy restrictions. Users get the access they need, only when they need it, securing the biggest attack vector for cloud-based resources.
Working with your existing identity solution providers, FireMon Authorization Control gives you real-time workflows to request and grant access using ChatOps, support privileged access workflows, and insert policy restrictions such as time of access, source IP addresses, and tag-derived attribute-based access controls.
In less than 30 seconds, users get the access they need, only when they need it:
- Request access via Slack and MS Teams
- Approve (or deny) requests for access with one-click simplicity
- Access resources only with the permissions needed for limited duration of time
- Expire and terminate access keys automatically when the session ends
- Audit all activity associated with each access request
FireMon Authorization Control
Authorization Control Features
Just-in-Time Access
Provide access to your administrators and developers only
when they need it. Security teams can dynamically grant
privileged access for a specific duration using real-time
workflows and pre-configured templates that ensure nothing
is missed.
- Time-based privilege increases using pre-defined
templates or custom controls - Integrate with existing privileged access workflows
- Support for AWS and nearly every identity provider
including Okta, Ping, and Azure AD - SIEM/SOAR integration for logging and response access
Real-Time Request Routing
FireMon Authorization Control uses the tools your team is already using to speed adoption and the entire approval process. Users simply initiate a request via chat and the approvers are immediately notified of the request. Once approved, a real-time maintenance window can be created in seconds allowing the user in with the approved access privileges.
- Chat integration with existing tools including Slack and
MS Teams - Requests capture key information for approval including the account, permissions needed, and justification
- Single-click approvals embedded in chat
- Direct messaging or group integration visibility and accountability
- Auto-approval options with chat-based team visibility and logging
Enhanced Policy Restrictions
FireMon Authorization Control offers additional authorization options that enhance the tools you have in place today. Security teams can create custom templates that add additional requirements including multi-approvals, IP restriction, or resource attributes such as tags.
- Custom policy templates
- Configure additional restrictions for sensitive systems
- Multi-approvals (m-of-n) for an extra layer of security
Use Cases
- Elevate privileges in response to specific issues
- Daily access approvals to protect against use of stolen credentials
- Refine SSO access to privileged accounts
