VISULOX

Visulox Overview

Visulox is a comprehensive Privileged Access Management platform designed to give your organization complete control over activity on their systems. Headquartered in Zürich, Switzerland, the platform is used by organizations of all sizes globally, including Fortune 500 organizations and multi-national companies.

Visulox helps organizations that require several different servers, virtual machines, applications, or other resources for their operations. Each one of these may require a different level of access for different users, which can be a challenge to provision and manage without a comprehensive access management system in place.

Visulox Features

Role-Based Access Controls

Within the Visulox platform, roles are mapped to specific users, which define what actions a user can perform. The platform offers granular customization for these permissions. For example, you could create a role that is allowed to access another user’s session to prove support but prevent them from changing any access rules in the system.

Admins can export lists of users who are able to access a given application, ensuring it is easy to track who has access to what-and to what level-for compliance purposes.

Access to applications and servers are controlled via Access Policies. These policies can be customized and applied to either specific users or groups. These policies can be based on a specific user’s permissions, the IP address used, or even the time of day.

If users wish to access a resource they are not currently assigned to, they may request permission from an administrator, helping to ensure end users can get access to services, when necessary, while minimizing security risks.

File Transit Zone

Visulox’s File Transit Zone feature enables users to easily move data to and from the Visulox platform. A user can browse for files to move or simply drag and drop. When a file is uploaded, it can then be sent to a user’s server or virtual machine to be used there.

Within any servers or machines connected to Visulox, each user has a dedicated folder for the File Transit Zone. Anything placed in this folder is then downloaded to the Visulox portal and can be retrieved there, so file management is very straightforward. Each individual data transfer is documented and can trigger a self-definable event if desired.

Depending on the user privileges, users may have permission only to upload files, download files, do both or neither. Restrictions can also be placed on which file types can be transferred. For example, executable files are not allowed by default. it is also possible to set up the file transfer in two stages and require a supervisor’s check in advance.

Session Recording, Shared Sessions and Remote Access

Visulox can be configured to enforce session recording when certain systems are accessed, ensuring both security and compliance. Users must consent to their activity being recorded via a pop-up before they can access these systems. These recordings are backed up and can be played back at any time.

Similarly, the platform can be configured so that users can only access applications if they are supervised by another user. This is enforced before an application can be accessed, and if the supervisor is disconnected or idles then the session is locked.

Visulox enables remote access into other user’s sessions if they require assistance. Supervisors may request the ability to connect, which the end user may accept or deny. During remote sessions, end users can point at specific information for the helper to look at where needed.

By default, data such as session recordings are stored indefinitely. However, users may also define a custom retention time to satisfy any compliance requirements. Visulox’s revision server also allows data to be moved off their platform to other databases. At no time can unauthorized persons draw conclusions about the activities of individual users. All access to films is logged.

Session recording is available as an additional feature and is not included in the base license.

Audit Logs / Revision Server

Visulox provides comprehensive reporting and auditing. Any activities such as sessions, file transfers and events are kept in audit logs. These logs include which actions were carried out, which suers completed actions, activity timestamps, and IP addresses of sessions where applicable.

Admins are able to annotate log entries where needed. A very useful feature is the ability to view a snapshot of the users’ screen at specific timestamps, which can be viewed directly from the audit log.

Multi-Factor Authentication Support

Visulox supports multi-factor authentication (MFA). PINS / OTPs may be sent by either authenticator app or by email. Any PINs sent by email will be valid for 15 minutes.

MFA is available as an additional feature and is not included in the base license.

Ease Of Use

Deployment is run as a managed service; a Visulox engineer will walk through the deployment with any clients. Visulox is deployed in the customer’s DMZ or data center, as Visulox does not provide their own cloud service.

From a management perspective, administrators have the power to adjust nearly every aspect of their users’ experience. Log entries can also be annotated to provide additional context.

Overall, the platform is easy to use after learning where the different features can be managed within the portal. The main portal is referred to as the ‘Workspace,’ which clearly lists out any resources (servers, VMs, etc.) on the left side and other pertinent information such as system messages, active policies, etc.

Pricing

The Visulox platform is comprised of six modules. The basic user license includes access to two modules, with following features:

Cockpit:

• Shows which users are active / inactive, and allows for any active sessions to be closed at will
• Shows which resources are currently in use
• Manage roles / access rights
• Reporting / statistics

Cooperation:

• Allows users to remotely either work together in an application or only allow certain users to watch
• Recording and logging of shared sessions
• Ability to temporarily hide session from a user without ending it (i.e., if sensitive information comes up that they shouldn’t see)

Additional modules which can be purchased include:

• Session Recording
• MFA
• Revision Server
• Host Control, includes the following:
  • Allows user to work across multiple hosts at the same time
  • Ability to blacklist or whitelist specific actions
  • Specific pricing is supplied via quotation.

Visulox also offers a pre-configured package deal for small businesses. This deal includes:

• 1 Visulox Basic License
• 5 Visulox User Licenses
• 2 Visulox Recorder Licenses
• Remote installation / configuration
• Briefing and handover
• Support and updates for the first 6 months

Overall Summary

Visulox is a comprehensive Privileged Access Management platform, with granular functionality that allows organizations to carefully plan how their assets should be used. VISULOX can be installed during operation and does not require any agents on clients or servers.

Although the platform has a number of areas to configure, which can be daunting at first, the platform is ideal for organizations that require collaboration between users while also handling sensitive data.

Overall, we recommend that organizations looking for a comprehensive PAM solution, with granular policy controls, easy file management and detailed audit logging, should consider shortlisting this service.

Review and Technical Testing By: Laura Iannini