logo

Log In

[templated item][templated item][templated item][templated item][templated item][templated item][templated item][templated item]
Partners

Products | Overview

 

Viewfinity Privilege Management

It’s a well-known fact: hackers exploit administrator rights to access your systems. This is a fundamental security loophole that is often the first step taken when attempting to penetrate your infrastructure. Yet many firms struggle with how to approach and manage a project to remove administrator rights, and once removed, how to avoid an influx of calls to IT support to deal with user needs related to privilege elevation requests.

At Viewfinity, we help you approach this in an automated, step-by-step process. The key components of our solution are designed to enforce your security requirements to remove administrator rights. We help the operations team that needs to support this mandate through a smart, effective and manageable process. Controlling administrator rights is manageable, easy and non-disruptive via Viewfinity Trusted Sources Methodology.









 

Getting started: assessing the environment

To start with, Viewfinity has a complimentary tool that helps you discover user accounts and groups that are members of the local “Administrators” built-in user group on computers in your Windows domain.

Next, we inventory all the applications currently running in your environment and determine which of those applications require administrator rights in order to execute.

Once that’s done, we invoke our Trusted Sources.

Don't know which user accounts have
Local Admin Rights? Find them now!
Download the free tool now!

Automatic handling of applications that require elevated permissions via Trusted Sources

During the discovery phase, information is collected related to only applications requiring administrative rights. It is these applications which will require privilege elevation policies. However, it would be unmanageable to create all of these policies manually, so Viewfinity uses its Trusted Sources to automatically create privilege elevation policies if the installation origination or application is deemed trusted.

Trusted sources are those applications innately known, and thus trusted. This includes applications originating from: Software Distributors, Updaters, Network Location, Installation Package, Publisher, Product, User/Group, OS image and more.

For example, the "Trust by Software Distributors" policy works with applications and files distributed through SCCM (or any software distribution system) and will automatically elevate privileges if, following the installation, the application requires admin rights in order to function. As a result, the "Trust by Software Distributors" policy significantly reduces the number of approvals and policies that need to be managed.

Why do you need Privilege Management?
Watch our 2 minute flash video.

Intelligent grouping of like privilege needs creates overarching privilege elevation policies

Viewfinity can automatically aggregate privilege policies based on similar user needs so the number of policies that need to be created and managed are reduced by an order of magnitude. The product intelligently scans a Windows environment and identifies common user privilege needs across the organization.

This is done by automatically detecting attempts to use/install applications or tasks requiring administrator rights. These events for elevated privilege needs are aggregated and a single policy is created that can be used across the organization or for a collective group of users.

Restricting privileges for particular applications and what they are allowed to access

For some applications, even though they are “trusted”, you may have a need to restrict privileges so that they have limited access to designated resources. This combination adds a data-centric level of application security currently unavailable with the other privilege management solutions. Examples of what can be restricted include: internet, corporate shares, registry and file access

Arrange for a trial evaluation to
learn more about the product!
Register for Trial Evaluation

Managing ad-hoc and privilege elevation needs after the initial setup

While 95-99% of your privilege management needs and policies will be established and implemented well ahead of time, for those exceptions, and there are always exceptions, Viewfinity offers a method for IT administrators to streamline privilege elevation requests from end users.

Once the applications requiring administrator rights have been discovered and created using our Trusted Sources and Automatic Policy Aggregation process, Viewfinity provides two automated methods for handling ad-hoc requests. For users, groups or applications that require more control over which privilege elevation requests should be authorized, we provide a workflow authorization option to create the appropriate policy and approve the privilege elevation request on the fly.

For power users or those who are often working remotely, we have an on-demand option that allows for self-elevation to handle one-off requests. Self-elevation or policy automation via authorization workflow is highly configurable and can be enabled by user, group, or by type of request.

End users receive an email notification when the policy has been created. All policies can be configured to support customized messages for end users to see when applications are launched with elevated privileges.

 

Supporting privilege elevation needs for users on-the-go with no network access

A user can be authorized for a "one-time use" of an application. This can be used to allow an application to run for users on-the-go with no network access and thus with no ability to update policies. In such instances, if One-time Run Authorization is enabled, a user can submit a request to the administrator and get a one-time authorization. The request is a code (Request ID) to be provided by the user, and in turn the user will be provided with an Authorization Code that should be entered in the Viewfinity One-time Run Authorization dialog in order to launch the application. The authorization access code ensures that access is matched with the requested application. All usage of one time access is audited and reported.

Mitigation the Biggest
Security Threat of all -
Your Users

Running web applications that require administrative permissions

There are instances when a website requires administrative permissions in order to operate successfully. Viewfinity provides the ability to create policies that will elevate privileges for specific URLs. Web Application policies are activated on the client PC, just like other policies.

When the user browses to an elevated URL, the user will be presented with a window asking to start another browser window, which will be opened with elevated privileges. Only this window has the rights to run the application requiring administrative rights.

Supporting your remote and mobile workforce

Viewfinity does not require laptops or desktops to be part of the Active Directory domain or to be directly connected to the corporate network in order to activate policies that manage administrator privileges. As soon as the PC connects to the internet, Viewfinity delivers the policies and rules established by the IT Administrator. Once delivered, all policies continue to be enforced even while working offline.

Elevation rules are applied in real-time and do not require users to cycle through the log on process. Viewfinity doesn't require desktops to be part of the domain or to be attached to the corporate network in order for privilege elevation policies to be delivered. Reports can be used to monitor the status of polices being applied.

Read how a prominent legal firm used Viewfinity to support its mobile workers.

 

Protecting your environment with advanced Threat Detection capabilities

Viewfinity extended its solution base and has moved to an adaptive protection architecture through direct, real-time collaboration with threat detection vendors. Viewfinity leverages the investments organizations have already made in network security firewall technology and reputation database services.

MONITOR APPLICATION ACTIVITY

  • Internet
  • Intranet
  • Network Shares
  • Registry
  • Files
  • Sandboxing with networks security providers
    Cross reference suspicious application activity detected on endpoints, along with information about network behavior at the endpoint level, with network security solutions such as FireEye, Check Point and Palo Alto. Proactively update policies to block confirmed bad files.
  • Integration with Check Point Firewall Anti-Bot
    Update firewall policies by utilizing Viewfinity’s endpoint forensic analysis capabilities that precisely trace unique information related to the origin of a file and blocking that entry URL. Download the joint solution brochure.

  • Monitoring Network Events on Endpoint
    Full, real-time visibility of network events on endpoints. Reduces the footprint of an attack by pinpointing every endpoint on which the malicious file is installed and blocks it from further execution or propagation.
  • Integration with FireEye Mandiant TAP
    Deepens threat investigation reach because FireEye admins utilize Viewfinity’s endpoint data during investigations. Learn more about our integration with FireEye.
 

Managing administrator rights for applications that run on Windows servers

Most people think of managing administrator privileges solely on endpoints, but our customers also use the product on servers for separation of rights between those who manage servers and those who manage applications. This approach complements the security protection measures you are already taking with Privileged Identity Management. For example, you can:

  • Elevate privileges or restrict access to precise Windows services rather than allowing across the board admin rights to all services.
  • Manage privileges on select server applications.
  • Enable the auditing features to capture an audit trail of actions that privileged users are taking on servers.
  • Reduce rights for technical staff that only need access to specific tasks/services to resolve support calls that fall within their area of responsibility.

Downloadable Resources

 White Papers

 Customer Spotlight – Case Studies
 Webinars

 Brochures