PAM Remote Browser
KeeperPAM resource for managing remote browser isolation access to a protected web application
Last updated
Was this helpful?
KeeperPAM resource for managing remote browser isolation access to a protected web application
Last updated
Was this helpful?
A PAM Remote Browser is a type of KeeperPAM resource that represents a remote browser isolation target, such as a protected internal application or cloud-based web app.
PAM Remote Browser
Any http:// or https:// web application, on-prem or in the cloud
KeeperPAM remote browser isolation records provide secure access to internal and cloud-based web applications through a protected browser, embedded within the vault. This browser is projected visually from the Keeper Gateway through the Keeper Vault, isolating the session and providing zero-trust access.
The PAM Remote Browser resource supports the following features:
Zero-trust Connections over http:// and https:// websites
Session recording
Sharing access without sharing credentials
Autofill of linked credentials and 2FA codes
URL AllowList patterns
Navigation bar
Connecting to the protected web application requires only that the Keeper Gateway has access to the target website. The Keeper Vault operates independently and does not require direct connectivity to the website, leveraging Keeper's zero-trust network access model to securely manage access through the Gateway. See the network architecture diagram for more details.
Prior to creating a PAM Remote Browser, make sure you have already created a PAM Configuration. The PAM Configuration contains information of your target infrastructure while the PAM Remote Browser contains information about the target web application and associated access rules.
To create a PAM Remote Browser:
Click on Create New
Select "Connection"
On the prompted window:
Select "New Record"
Select the Shared Folder you want the record to be created in
Specify the Title
Select "Browser" for the Target
Click "Next" and complete all of the required information.
The following table lists all the configurable fields on the PAM Remote Browser Record Type:
URL
IP or Website address
Required The target URL only needs to be accessible from the Keeper Gateway
On the "PAM Settings" section of the vault record, you can configure the KeeperPAM Connection and link a PAM User credential for performing autofill.
PAM Configuration
Associated PAM Configuration record which defines the environment
Required
Browser Autofill Credentials
Linked PAM User credential used for autofill
Protocol
Native protocol used for connecting from the Gateway to the target
Required
Additional information on Remote Browser Isolation is available at this page.