Privileged Session Management

Part of your Privileged Access Management solution

Privileged Session Management (PSM) controls privileged user access to your IT systems, neutralizing hacks and offering unprecedented control. PSM is fast to deploy and integrates seamlessly into existing networks, so you can keep compliant with the latest security regulations and realize the ROI of better security quickly.

Central Control Point

Stay compliant by managing access to your critical IT assets with a centralized authentication and control point.

Prevent and Deter Malicious Activity

Monitor privileged user sessions in real-time, detect rogue behavior, accelerate incident response with session termination or alerts.

Fully Forensic Playback

Discover a breach source through detailed session data and searchable, movie-like playback. Identify risks and vulnerabilities.

Realize ROI Fast

Install a fully operational session management solution within a week, with minimal changes to your IT environment.


How to use PSM effectively
within an
overall PAM

Mitigate against privileged account risks
Get in touch

Granular Access Control

PSM acts as an application level proxy gateway. Transferred connections and traffic are inspected on an application level, rejecting all traffic violating the protocol. With this high-level understanding of network traffic you can control the features of the protocols, such as authentication and encryption methods used in SSH connections, or channels permitted in RDP traffic.

  • Full support

    For SSH, RDP, HTTP(s), Citrix ICA, Telnet, TN3270/TN5250, VNC, X11 and VMware View protocols

  • Audit file transfers

    Either SCP, SFTP or HTTP(s)

  • Detailed access control

    Based on time and user group policies

Authentication and Authorization

Enforce the use of two-factor authentication methods and verify the public key of users in your network. PSM has a built-in capability to verify SSH host keys and certificates – identifying servers, preventing man-in-the-middle attacks and other threats, completely independent from the authentication that the user performs on the remote server.

  • Gateway authentication and integration

    Including Microsoft AD, LDAP or RADIUS, and multifactor authentication backends

  • User-mapping policies

    Describe who can use a shared user to access your remote server

  • Password vaulting

    Either through the built-in Credential Store, or integration with a third-party password management system

  • Server-side auto-login

    Balabit impersonates the authenticated user on the server

  • Four eyes authorization

    Avoid accidental misconfiguration

Searchable, Movie-Like Session Recording

PSM operates transparently and extracts information directly from the communication of the client and the server, providing reliable data access. It records user sessions into searchable movie-like audit trails, which can be followed in real-time exactly as they appeared on the screen to monitor privileged user activity.

  • Complete documentation

    All remote system access recorded

  • Tamper-proof audit trails

    Everything encrypted, signed and time-stamped

  • Control your session playback

    Fast forward functionality and quick, free text session search

  • Custom reports

    For activity and compliance

Seamless Integration Into Your Security Ecosystem

Your network infrastructure is seamlessly integrated with a physical or virtual PSM appliance that automatically handles transparent and non-transparent connections, allowing PSM to slot in alongside your existing password management, ticketing, SIEM and system management tools. To simplify integration with firewalled environments, it supports both source and destination address translation (SNAT and DNAT).

  • Independent and agentless

    With both network appliance and design

  • Flexible network configuration

    Including virtual LAN support and a high availability option

  • Virtual appliance options

    VMware and MS Hyper-V

  • Cloud deployment

    In Microsoft Azure and Amazon Web Services

PSM as part of PAM

Privileged Access Management goes beyond password-based authentication to protect your business against privileged access misuse. The PSM component establishes a central control point for authentication and authorization, helping you to stop malicious behavior and speed up forensics without affecting the workflows of genuine, legitimate privileged access users.

Recent Resources

The top IT Security trends to watch out for in 2018

With 2017 now done and dusted, it’s time to think ...

The key takeaways from 2017’s biggest breaches

Like many years before it, 2017 has seen a large ...

Why is IT Security winning battles, but losing the war…?

When a child goes near something hot, a parent will ...

“The [Balabit] solution’s strongest points are the privileged session management, recording and search, and applying policy filters to apps and commands typed by administrators on monitored sessions.”

– The Forrester Wave, Privileged Identity Management, Q3 2016, by Andras Cser