18.3.2. Procedure – Performing four-eyes authorization on PSM


  1. When a user initiates a connection from a client and four-eyes authorization is required for the connection, PSM will pause the connection.


    Four-eyes authorization can be set separately for every channel. However, if a new channel that requires four-eyes authorization is opened in an existing connection, the channels already opened are also paused until the four-eyes authorization is successfully completed.

  2. Login to PSM, and select Four-Eyes from the main menu. The list of connections waiting for authorization will be displayed.

    Figure 18.7. Four-Eyes — Performing four-eyes authorization

    Four-Eyes — Performing four-eyes authorization

    Only those connections will be listed, where your usergroup has the Authorize or the Audit&Authorize permissions. No other PSM privilege is required to access this page.

  3. Select the connection and click Accept to enable the connection, Reject to deny the connection, or Accept&Follow to enable it and monitor in real-time.


    Following a session requires the following:

    • The Audit option must be enabled for the specific channel in the Channel policy of the connection.

    • The Audit Player application must be installed on the computer of the auditor.

    • If the Audit policy of the connection uses encryption, the appropriate decryption keys must be available on the computer of the auditor.

    The Safeguard Desktop Player application replays the live streams in live mode. For details on how to monitor a connection in real-time using the Safeguard Desktop Player, see Procedure 8, Replay audit files in follow mode in Safeguard Desktop Player User Guide.

  4. Enter a note why the connection was accepted/rejected into the appearing dialog box. This description will be stored in the connection database together with other metadata about the connection.

    Figure 18.8. Describing why a connection was accepted/rejected

    Describing why a connection was accepted/rejected
  5. If you have to terminate an ongoing connection for some reason, select Active Connections from the main menu. The list of ongoing connections will be displayed.

    Figure 18.9. Active Connections — Displaying active connections

    Active Connections — Displaying active connections
  6. Select the connection to stop, and click Terminate.


    When following a connection in the Safeguard Desktop Player application, the auditor can also terminate the connection from the Audit Player by clicking Terminate.

    Figure 18.10. Terminating a connection in Safeguard Desktop Player

    Terminating a connection in Safeguard Desktop Player