The EPM Windows allows users to start remote sessions directly from the client, similar to the PAM Core module. With the addition of the Start session button and session status indicator, it’s now even easier to launch RDP and SSH sessions without accessing the main Vault interface.
Remote sessions can be started from the EPM client itself and use the same proxy technologies as PAM Core, ensuring auditability and security throughout the process.
Applicability
- Enables RDP and SSH sessions directly from the EPM Windows client.
- There’s no need to access the Vault web interface for this functionality.
- All sessions are audited and included in the PAM Core reports, such as Access control.
- SSH sessions are supported on Windows 10 or later only.
- Uses mstsc for RDP and OpenSSH for SSH, both native in Windows.
Features
- The Start session button is available when selecting a credential.
- The session status indicator shows whether a connection can be started.
- When initiated, RDP sessions are opened via mstsc, and SSH sessions are opened in the Command Prompt using OpenSSH.
- Session traffic is routed through SeguraTerminal Proxy (SSH) and Segura RDP Proxy (RDP), ensuring all actions are audited.
- Session reports and logs are available in the same PAM Core reports as other sessions.
Use cases
- Remotely connect to servers using RDP without exposing credentials.
- Manage Linux environments via SSH with centralized auditing.
- Speed up access to critical systems without going through the web Segura interface.
Info
Remote sessions started from EPM Windows are included in the PAM Core access reports, ensuring traceability and compliance with audit policies.
Attention
SSH sessions via Vault are only available on Windows 10 or later.