ManageEngine, the IT management division of Zoho Corporation, has announced the launch of Access Manager Plus, a privileged session management solution for enterprises, and Application Control Plus, advanced enterprise security software that brings together endpoint privilege management and application control capabilities. The new products bolster the company’s security suite, allowing security admins to:
1) Facilitate and govern remote sessions that provide users with privileged access to critical business systems, and
2) Exercise greater authority over their critical applications by enabling control processes based on Zero Trust and threat prevention.
Access Manager Plus: Securing Remote Access for Privileged Sessions
Remote connectivity has become mainstream as employees increasingly access corporate systems at their convenience, irrespective of their location or the time of day. Despite being inflexible and posing huge privacy and security risks, traditional tools like VPNs are still used by most organizations. A solution that streamlines corporate remote access, while also offering strict governance over privileged sessions for ultimate security, can remedy the risks associated with remote connectivity.
"Allowing remote access to critical infrastructure components can be a double-edged sword for IT leaders, as they have to judiciously handle the productivity it brings against the security risks it opens up. The growing complexity, modernity and heterogeneity of the infrastructure only makes it worse," said Rajesh Ganesan, Vice President at ManageEngine. "With Access Manager Plus, enterprises can now build solid layers of security and compliance, and allow seamless remote access to a wide variety of target systems, boosting overall productivity."
Access Manager Plus effortlessly integrates into an organization's IT network, and allows security teams to always have the upper hand while configuring remote access and managing privileged sessions.
The enterprise-ready features of Access Manager Plus include:
- Data center remote access: Leverage simplified, direct connections to remote data centers, and automatically authenticate via jump box support for Windows and Linux platforms.
- One-click remote sessions: Enable users to launch direct RDP, SSH, SQL and VNC connections to remote hosts. Tunnel the connections via encrypted gateways for enhanced security.
- RemoteApp support: Allow users and third parties to seamlessly access specific Windows-based remote applications from local desktops.
Application Control Plus: A Comprehensive Solution for Application Control and Security
Many security problems arise due to the countless unsupervised applications running in enterprise networks, emphasizing the importance of adopting a Zero Trust approach to application control. Despite enterprise implementions of a Zero Trust model by filtering and controlling applications, attacks leveraging applications’ privileged access persist. A combination of whitelisting, blacklisting and administering application-specific privileges is required to tackle the application-related threats.
"Applications are ubiquitous and incredibly conducive to the productivity of any enterprise. However, they are also the biggest threat vectors in a network, so IT admins constantly have their hands full with application maintenance and access management," said Mathivanan Venkatachalam, Vice President at ManageEngine. “By taking on a trust-based approach to filtering and controlling software, enterprises can eliminate a huge percentage of their security challenges”.
A comprehensive application control solution for Windows environments, Application Control Plus helps enterprises gain a holistic view of their network by aiding in the instant discovery and categorization of authorized and unauthorized applications. With application-level privileged management and dynamic, rule-based whitelisting and blacklisting, Application Control Plus ensures only authorized applications are running and only authorized access occurs, minimizing an enterprise’s attack surface.
Enterprise-oriented highlights include:
- Malware prevention: Limits the chance of malware intrusions and strengthens endpoint security by enabling IT teams to block malicious executables and allow only trustworthy applications.
- Rule-based list building: Simplifies list management by enabling IT teams to build application whitelists and blacklists based on rules like product, vendor, folder path, hash value and whether executables have valid certificates.
- Endpoint privilege management: Allows enterprises to establish the principle of least privilege on an organizational level by running business-critical applications with restricted privileges. It also prevents attacks based on privilege elevation or credential compromise by enabling need-based elevated access to applications.