Enterprise Random Password Manager and Random Password Manager (E/RPM) integrate with both McAfee ePolicy Orchestrator (ePO™) and Enterprise Security Manager (ESM) to provide enhanced Security Risk and Compliance capabilities, correlate security and event data, and give oversight control of elevated privileged accounts.
Managing ePO Privileged Account Credentials
ERPM and RPM are the first products capable of enabling secure check-in/check-out of privileged account credentials directly from the McAfee ePO web-based interface, and the first to deliver identity and configuration data enrichment for ePO.
The credentials used to access systems in many McAfee ePO software installations often remain unchanged, despite security best practice and regulatory compliance mandates that require access to sensitive data through these accounts only on a "need to know" basis.
ERPM and RPM help you secure sensitive data by removing anonymous access to McAfee ePO software. The Lieberman Software products provide a model in which sensitive logins are controlled and passwords automatically revoked immediately after delegated IT personnel complete their work.
The Lieberman Software - ePO integration process includes:
- ePO user selects a machine for which privileged credentials are required;
- ePO user selects an account from a list generated by E/RPM;
- The password for that account is delivered immediately, or a request for approval is generated;
- After the work on the machine is completed, the credential can be checked-in, or the check-in is performed automatically after a fixed period of time.
- All access to credentials is controlled and audited; ePO accounts are mapped to an enterprise account for authorization.
- After credentials are issued they are automatically changed in the background to ensure that each user is accountable for their access during the designated period of time.
Recover Specific Account Password from a Machine with ERPM. (Click to enlarge.)
Identity and Configuration Data Enrichment for ePO
The integrations also provide detailed data to ePO about the privileged credentials that are automatically discovered and tracked on each system by the Lieberman Software products.
McAfee Enterprise Security Manager (ESM) Integration
ERPM works with McAfee ESM to correlate security and event data and provide oversight control of elevated privileged accounts. ERPM password check-out/check-in actions and credential changes are seen in the McAfee ESM system, along with successful and failed password verifications.
The McAfee ESM system tracks and correlates privileged account activities, letting users monitor and respond to issues from within the McAfee ESM interface. Customers can observe the actions taken by privileged users and pass this information along to security auditors. The combined technologies provide enterprises with enhanced monitoring, visibility and management of their powerful privileged accounts.
McAfee SIA Partnership
Lieberman Software is a member of the McAfee Security Innovation Alliance (SIA) program.
For more information on how Lieberman Software's McAfee ePO integrations can help secure your organization, contact an account manager.