KeeperPAM

Overview

KeeperPAM is a next-gen privileged access management solution that secures and manages access to critical resources, including servers, web apps, databases and workloads.

KeeperPAM consolidates enterprise password management, secrets management, connection management, endpoint privileged management, zero-trust network access, remote browser isolation and a cloud-based access control plane in one unified product.

To learn more about KeeperPAM or sign up for a trial:

• KeeperPAM Website

About this Documentation

This documentation is broken out into the following sections:

• Privileged Access Manager

• Endpoint Privilege Manager

• Secrets Manager

• Commander CLI

Additional documentation on the Keeper platform can be found here:

• Enterprise Admin Guide

• Keeper Connection Manager (self-hosted)

• Documentation Home

KeeperPAM vs. Keeper Connection Manager

KeeperPAM is a cloud-native privileged access solution that requires only a lightweight gateway installation, while Keeper Connection Manager (KCM) is a fully self-hosted solution.

KeeperPAM works through outbound-only connections with zero-knowledge encryption, eliminating the need for inbound firewall rules or direct line-of-sight to resources. In contrast, KCM is fully hosted by the customer with control over the authentication, database, web server, reverse proxy and session recordings.

Customers who purchase KeeperPAM may use either the cloud version (described in this documentation) or the self-hosted connection manager as part of the license.

Features

KeeperPAM provides the following capabilities:

• Zero-trust connections launched from the Vault

• Tunnels established from the Desktop App for ZTNA

• Sharing connections without exposing credentials

• Sharing tunnels on a time-limited basis

• Built-in SSH Agent for use with and without tunneling

• Launching remote browser isolation sessions

• Session recording and playback

• File transfer with drag-and-drop

• Splitting credentials between PAM Resources and PAM Users

• Discovery of resources

• All new Keeper Gateway setup wizard

• Docker-based deployment of the Keeper Gateway

• Role-based enforcement policies covering PAM use cases

• Event reporting of all PAM activity with SIEM integration

Contact the Keeper Team

If you are an existing customer, your customer success team can activate KeeperPAM in your account.

• Contact our team

For technical questions, you can also email pam@keepersecurity.com.

Next Steps

• Start the setup of KeeperPAM

• Launch the Quick Start: Sandbox

• Deep dive into the Getting Started guide for KeeperPAM