Built for your security conscious customers, our platform provides identity management features that help protect the security of their infrastructure.
Minimise your security risk by using our audit logged TACACS system to access customer devices instead of relying on generic credentials.
Avoid revealing sensitive login credentials for customer devices using our secure, audit logged password vault.
TACACS and AAA
Avoid the security risks of using generic access credentials for your support team on customer devices. With our integrated TACACS, they authenticate to the device using the credentials in your Gemmb platform.
Our poller can be defined as the TACACS Authentication, Authorisation and Accounting (AAA) server for devices that support this protocol, for example Cisco, Juniper, Riverbed or other custom devices.
The privilege level of the authenticated user can be configured as administrative or non-administrative (read only), where the device supports it.
Access to devices using our TACACS is logged to provide a secured administrative audit trail. The logs include the user, whether access was granted or denied, and the commands they issued.
The platform's security framework allows your administrators to configure customer and user level account policies that govern password length and complexity, password expiry and the ability to reuse previous passwords.
Once a policy has been defined, the system takes care of the rest, asking users to change their passwords as per the policy.
Our platform contains a password vault feature for secure storage of credentials used to access managed devices. Your administrator, or your customer if you give them permission, can define several levels of access credentials which are securely locked away in your platform. The credentials can be used to automatically log on to devices without revealing the actual username and password to the user.
The password vault integrates with our Connector application, removing the complexities of connectivity and credential management for your support team, streamlining your remote support process.
Access of credentials in the vault is logged for a secured administrative audit trail.
Our platform supports two-factor authentication using one-time passwords generated by an app on your mobile device. Enabling two-factor authentication is a simple process that each user may follow on their account settings page.
In addition to providing extra security when logging in to the platform, two-factor authentication can also be used to provide an extra layer of security when accessing resources.
For example, your administrator may configure the platform to only allow access to certain resources, say a password vault, or connection to a customer's device, for those users who have two-factor authentication enabled. These users will be required to reauthenticate using their password and one-time password before being allowed access to these two-factor secured resources.
View our comprehensive Feature List