IAIT review: The WALLIX Bastion leaves remarkably good impression
Independent German institute IAIT puts WALLIX to the test: WALLIX BASTION 5.0.2 leaves remarkably good impression
The first step evaluated was the integration capacity of the Bastion which is complemented by an assistance configuration guide.
The independent Institute IAIT performed a in depth test of the WALLIX Bastion. In addition to their review of product functionalities, the researchers also evaluated the implementation time and added value offered by the solution. The key elements experts focused on encompassed the essential features of Privileged Access Management (PAM): Session Management, Password Management, and Access Management.
For the review, IAIT recreated several realistic use cases using Systems running on Linux Debian and Windows Server 2016. For both scenarios, Dr. Güttich opened an account in the Bastion and founded a group with several local users. He and his team attached different level of access rights to those users. Additionally, new devices with individual accounts were added to the WALLIX Bastion.
The first step evaluated was the integration capacity of the Bastion which is complemented by an assistance configuration guide. After booting and configuring the network access, the researchers were able to connect via IP address to the Bastion. It was noted that the solution itself works as a virtual proxy: the user first accesses the Bastion before the desired connection to the target system is created: “This makes the product equally suitable for service providers and internal administrators in medium-sized companies“, says Dr. Götz Güttich.
Part of the configuration has an optional function to automatically change passwords. The management of passwords is fully in the hands of the PAM solution: “After this, the WALLIX Bastion generates the corresponding passwords for all affected accounts at regular intervals – the rotation frequency is definable, stores them in its password vault, and activates them on the relevant target systems. In this case, the passwords are no longer known by the users, who can then access their computers exclusively via the WALLIX Bastion” adds Dr. Güttich.
The researcher gave a special remark to the recording feature of the Bastion which allows the administrator to record a full session and give him or her full insight into all actions that occurred during this particular time. Such functions are important support for audits and compliance checks. Dr. Güttich summarizes the test:
“The test we operated on the WALLIX Bastion left a remarkably good impression. The product not only enables easy and secure access to the privileged user accounts of the existing network components, but also handles the password management and, if desired, controls applications on the network. Comprehensive functions for auditing, which clearly show who has done what and when, round off the range of services provided by Bastion.”