Accessibility Links

Privilege Guard 3.0

The world's leading privilege management solution.

In this release, our customers will find enterprise reporting modules, powerful new privilege management features, and cutting edge usability improvements.

New to Least Privilege? Download

Core Product Enhancements

Optional Add-on
Packs

Optional Add-on Packs

Enterprise
Reporting Pack

Enterprise Reporting capabilities built on proven, scalable, Microsoft technologies including Microsoft SQL Server, WinRM and SQL Server Reporting Services:

  • Privilege Guard Event Collector aggregates and uploads events to the database

  • Rich interactive dashboard reports showing Top 10, breakdown by publisher, and activity timelines:

    • - Executed Applications

    • - Elevated Applications

    • - Blocked Applications

    • - Discovered Applications

  • Drill down on dashboards to get detailed reports on the applications

  • Filter reports on event type, users, computers, application details and date ranges

  • Create your own custom queries and dashboards with SQL Server Reporting Services

  • Read more in the new product datasheet

Enterprise Reporting Pack Enlarge screen shot
Back to top

McAfee ePO Integration Pack

The McAfee ePO Integration Pack will enable McAfee customers to deploy Privilege Guard via ePolicy Orchestrator (ePO) and report on privileged activity from directly within the ePO console. Privilege Guard's events are forwarded to ePO via the McAfee Agent, enabling rich reporting capabilities through configurable dashboards and queries.

This integration extends ePO’s powerful management capabilities with the following features:

  • Integrated Privilege Guard Client deployment

  • Rich dashboards summarizing discovered, elevated and blocked applications

  • Summary of applications which require admin rights (Privilege Monitoring)

  • Applications that have been elevated automatically and on demand

  • Product properties to track the deployment of the Privilege Guard Client to computers

  • Read more in the new product datasheet

McAfee ePO Integration Pack Enlarge screen shot
Back to top

Core Product Enhancements

User Interface

Privilege Guard 3.0 includes a new look management console. As you move beyond the obvious visual enhancements, you will find full search capabilities, which allow you to quickly locate policy items and navigate to them with ease. Search results are highlighted in real-time as you type into the search box, and results can be selected, taking you to the settings you wish to manage.

Here is a summary of the management console enhancements:

  • New look & feel, with rich summary views

  • Message editor instant previews

  • Policy wide instant search and drilldown

  • Application template instant search and multi-select

  • Improved support for deletion of referenced components, with conflict management and auto-resolution

User Interface Enlarge screen shot
Back to top

Policy Filtering

A powerful new filtering engine has been added to version 3.0, which allows you to create flexible filters on policies:

  • Account Filters – restricts the policy to specific users or groups of users

  • Computer Filters – restricts the policy to specific computers or remote desktops

  • Time Filter – restricts the policy to being applied at particular days of the week and times of the day

  • Expiry Filter – expires the policy at a set date and time

Policy Filtering Enlarge screen shot
Back to top

Designated User Authorization

Designated user authorization is a new feature in Privilege Guard, which allows you to restrict which users are able to authorize the use of an application, without the need to roll out new policies.

This ‘over-the-shoulder’ authorization adds a flexible layer of policy management, by delegating the decision process for one off, or temporary usage requests, to office based support admins.

Designated user authorization may also be used in place of the traditional ‘Run As’ capability in Windows. This provides a policy controlled and fully audited alternative, which has a corporate look and feel, as it is built on top of Privilege Guard’s extensive end user messaging capability.

Designated User Authorization Enlarge screen shot
Back to top

Parent Process Rule

This new application matching rule allows you to apply policies to an application based on which parent process created it. Parent processes are defined using Privilege Guard’s flexible application groups, which offer a powerful set of application matching rules.

The parent process rule gives you greater control over which applications are granted elevated privileges, and reduces the cost of defining policy in scenarios where child applications are difficult to target, such as software installations and updaters.

Parent Process Rule
Back to top

Child Process Matching

In addition to the new parent process rule, the child process matching option, within an application definition, has also been updated. You can now define more granular control over which child applications are included in the complete application definition. The child processes may be restricted using an application group, which provides a powerful set of application matching rules to identify the child applications that should be included in the overall application definition.

Child process application matching gives increased security and protection to granting privileges for nested and multi-process applications, such as logon scripts.

Child Matching Process
Back to top

Shared Workstation Unlock

Shared workstation unlock enables you to define policies which allow (or disallow) a user to unlock a shared workstation which would usually only be possible for users who are local administrators. This new policy option enables you to override the standard behaviour and empower standard users who work in shared workstation environments.

Shared Workstation Unlock
Back to top
Supported Platforms

Get the all new Privilege Guard 3.0

The world’s leading privilege management solution.

Download
Listen to the experts

Listen to the experts

Check out the latest information from industry analysts and experts on the subject of least privilege.

Click here to learn more

What’s on

What’s new in 3.0

Learn about the latest features added to our award winning Privilege Guard software.

Click here to learn more

Least Risk Windows 7

Least risk Windows 7

Find out how you can implement the least risk Windows 7 desktop.

Click here to learn more

Privilege Guard allows organizations to implement least privilege and empowers users with the privileges to perform their role.

Avecto Ltd,
Work 3 Dundee Park, Andover, Ma. 01810 USA
Phone +1 978-703-4169 | Facsimile +1-978-910-0448 | Support +1 978-703-4165

© Avecto 2012. All rights reserved

Privacy Terms Contact Us Site Map Avecto Home

Top of the page