Xceedium Gatekeeper was the first product designed by the company, initially built with
out-of-band and
in-band KVM for remote IT control. The
GateKeeper software was updated to provide network-based access control and session recording/playback. Later,
GateKeeper and
Cloakware Password Authority (a product acquired from Irdeto) were integrated to form
Xceedium Xsuite. The main capabilities of
Xceedium Xsuite were: role-based access control, command filtering (white/black list), user containment (prevents SSH based leapfrogging or RDP hopping to unauthorized nodes), session monitoring/policy violation alerting, session recording and playback and privileged password vaulting and management. The
Xceedium Xsuite platform enabled organizations to apply the
principle of least privilege, which holds that systems and individuals should only be granted access to the resources and commands that are absolutely necessary for the required task. According to the company,
Xsuite limited access for privileged users to the systems and commands for which they are explicitly authorized (
Role-based access control). It also monitored the activities of privileged users and sent alerts when individuals attempted to violate a policy. The system recorded privileged user sessions such as
telnet,
RDP,
SSH, and
VNC and provided a mechanism to replay recorded session for investigations and forensics.
Xsuite Cloud for Amazon Web Services (AWS) was introduced as an extension to the
Xsuite platform. It provided privileged identity and access management for standalone AWS implementations or hybrid architectures that can include infrastructure nodes (e.g., servers, network devices, storage devices, security systems) running on: AWS
Amazon Elastic Compute Cloud (EC2), private clouds, as virtual machines or traditional single OS/hardware scenarios. Following the acquisition of Xceedium by CA,
Xceedium Xsuite was integrated into the CA product range as
CA Privileged Access Manager. == References ==