Manage your vendor’s access with the Gatekeeper
Access control
Control if, when, and what your vendor can access
Receive access notifications, define just-in-time access, and enforce least privilege access.
Secured credentials
Enable access without having to share credentials
Manage vendor credentials, which are obfuscated and injected directly into sessions.
Visibility with audit
Review exactly what your vendor did in a session
If enabled, review vendor activity with detailed logs and video recordings.
The Gatekeeper facilitates connectivity between a vendor using CPAM and your environment
The Gatekeeper is a lightweight piece of software that's installed on a single server within your network and acts as the secure connection between CPAM and your environment. It gives your vendor the connectivity to provide support, while giving you control and visibility over their access.
Frequently asked questions about the Gatekeeper
Who has access via the Gatekeeper?
- Vendor technicians authenticate on the vendor’s own CPAM server and must be a member of a group that has access rights to your environment. Logins can’t be shared, so there’s no risk of a terminated employee gaining unauthorized access.
What can technicians access, and what can they do?
- Technicians can only access and do what you give them permissions for. The Gatekeeper allows you to set least privilege permissions, defined per application down to the port and host level, to give technicians access to everything they need and nothing more. They are never actually on your network, so there's no real threat of lateral movement or network scanning. Privileged credentials can be stored and injected directly into sessions so that technicians never know, need, or share logins.
How do I access the Gatekeeper?
- Your vendor will provide you with a Gatekeeper user account. With this account, you’ll be able to login and manage access to your applications, your credentials, and your notification preferences.
What is captured in the audit?
- The Gatekeeper provides high-definition auditing that tracks all activity, including files transferred, commands entered, services accessed, and detailed log files. It includes detailed video recordings and text-based audit logs. Audit tracking is tied to the individual user, creating 360-degree visibility for all parties involved. The audit must be enabled by your vendor.
Will I have to make any changes to my firewall configuration?
- The Gatekeeper requires internet access to communicate with your vendor’s CPAM server, but there are no firewall changes necessary to enable your vendor to connect using CPAM.
Does the Gatekeeper require a dedicated workstation or server?
- The Gatekeeper does not need a dedicated workstation or server.
Is a reboot required during installation?
- No, installation of the Gatekeeper does not require a server reboot.