Sold by: Ekran System Inc.
Ekran System is an insider risk management solution which helps organizations mitigate insider threats by deterring, detecting, and disrupting threats from internal users of their IT infrastructure. Enterprises can achieve the highest level of insider threat protection for cloud, on-premises, and hybrid environments by implementing Ekran System.
Sold by: Ekran System Inc.
Overview
Being a full-cycle insider risk management platform, Ekran System provides you with a complete set of tools to detect, deter, and disrupt insider activity in your AWS environment.
How can Ekran System help you?
- Verify user identities with the help of 2FA, personalizing shared and default accounts to increase their security and accountability.
- Manage user access. Decide which users can access which AWS instances and configure their rights in several clicks. Handle requests for accessing the most sensitive resources and use the built-in password manager to secure credentials.
- Monitor all employee activities in your AWS environment and store records in highly optimized formats for security audits.
- Detect suspicious events with customizable alerts and an AI-based UEBA module.
- Respond to incidents in a timely manner by stopping the active application, blocking the user's session, or sending the user a warning message. Set the system to respond automatically.
- Conduct investigations and security audits. Generate reports about user activity and export evidence trail in secured formats for investigations.
Why do organizations choose Ekran System?
- Full support of on-premises, virtual, and cloud endpoints.
- Enterprise-ready solution ensuring high availability and disaster recovery
- Compliance with IT compliance standards
- Quick deployment with no need for complex configurations and infrastructure changes
- Low total cost of ownership
For custom orders, please contact: aws-marketplace@ekransystem.com
Highlights
- Deter insider threats via access control and identity management united into a single endpoint agent. This includes privileged access and session management via a jump box, password management, request access workflow, two-factor authentication, etc.
- Detect security incidents with monitoring and alerts. Monitor, record, and audit all user activity on critical endpoints, critical data, and critical configurations. Benefit from its customizable rules and AI-powered user behavior analysis.
- Disrupt insider threats by receiving real-time notifications with the full context of security events. Incident response features include user warning and blocking, potentially dangerous process blocking, and USB device alerting and blocking.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
Win2022 21H2
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed outside of AWS Marketplace through an external billing relationship between you and the vendor. You activate the product by supplying an existing license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. Subscriptions have no end date and may be cancelled any time. However, the cancellation won't affect the status of an active license if it was purchased outside of AWS Marketplace.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Type | Cost |
|---|---|
EBS General Purpose SSD (gp3) volumes | $0.08/per GB/month of provisioned storage |
Vendor refund policy
Refund is considered via a request to the Sales team at aws-marketplace@ekransystem.com
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
New Features:
- [Reports:] Two new report types (called Access Request Grid report and Secondary User Authentication Grid report) have been added.
Improvements:
- [Pseudonymizer:] Any Management Tool users in the default "Supervisors" group can now add specific endpoint users to the new "Users to Exclude from Pseudonymization" list, so that all "Supervisors" can view the de-anonymized data of these endpoint users.
- [Forensic Export:] A new "Comment" field has been added to the Session(s) Forensic Export pop-up window that is displayed while performing a forensic export, which can be used to e.g. help investigators see why a forensic export was required and who requested it (as displayed in the new "Comment" column on the Forensic Export History tab).
- [The User Activity Recording Parameters (for Windows Clients):] The "Record user activity only on alert or USB monitoring rule triggering" parameter no longer records the start and end (i.e. the first 4 minutes and the last 4 minutes) of a session if no alert (or USB monitoring rule) was triggered) in the session.
- [Monitoring Linux Clients:] Various third-party libraries that are used by Linux Clients have been updated to fix vulnerabilities identified.
- [Linux Client Requirements:] Compatibility to monitor various versions of Linux OS has been verified.
Issues Fixed:
- [Windows Clients:] In certain cases, Windows Clients with an IPv6 address could not connect to the Application Server - fixed.
- [Opening the Management Tool:] Performance issues in certain cases while logging in to the Management Tool - fixed.
- [Updating the Application Server:] "The login is from an untrusted domain and cannot be used with Windows authentication" error occurred when using a Windows account with Kerberos authentication to connect to the MS SQL database during an Application Server update - fixed.
- [Using Secrets:] The credentials were not auto-filled in the corresponding fields after connecting using a Web Account secret- fixed.
- [Monitoring Windows Clients:] All user activity was recorded despite the "Record user activity only on alert or USB monitoring rule triggering" option being enabled - fixed.
- [Viewing Monitored User Activity:] The wrong username was displayed in some cases when monitoring AWS AppStream - fixed.
- [Monitoring Windows Clients:] The Windows Client failed to detect the Remote IP address / hostname in certain cases when using TightVNC - fixed.
- [Forensic Export:] The Management Tool user was logged out with the "You don't have permission to access Syteca Management Tool..." error while performing a Forensic Export - fixed.
Additional details
Usage instructions
Once the EC2 instance is launched, it could take up to 15 minutes for Ekran System to be ready for use. There are three components preinstalled and configured:
- Ekran System Application Server
- Ekran System Management Tool
- PostgreSQL Server
Accessing the Ekran System Management Tool To start using Ekran System, access the Ekran System Management Tool in one of the following ways:
- Via the EC2 instance: Connect to the EC2 instance via RDP. Then, use the shortcut on the desktop or enter the following address in the browser: https://ekransystem-srv/ekransystem/
- Outside of the EC2 instance: Allow the 443 port (HTTPS) in the security group settings and use the public name or IP address of the instance (e.g., https://<public_ip_dns>/ekransystem/)
Use the credentials of the default administrator to log in to the Management Tool: Username: admin Password: Ekran-<EC2 instance ID> (e.g., "Ekran-i-0eafddd4122cdb47e")
Installing Agents In the Ekran System Management Tool, you can download the Ekran System agent and install it on the endpoints you wish to monitor. For more information on how to install agents and use Ekran System, refer to Ekran System's knowledge base: https://documentation.ekransystem.com/view
Accessing the SQL Server Use the following credentials to access the SQL Server: Username: postgres Password: <EC2 instance ID> (e.g., "i-0eafddd4122cdb47e").
Storage Usage There are two additional disks attached to the EC2 instance for better performance and management:
- The "D" disk stores SQL Server data
- The "E" disk stores Ekran System's binary data
The initial size of each disk is 30 GB. You might need to expand the size of these disks depending on the number of endpoints you wish to monitor and the period of time you want to keep the monitoring data. For information on how to monitor storage usage, refer to Ekran System's knowledge base: https://documentation.ekransystem.com/view/storage-usage
Deployment FAQ: https://ekransystem.s3.amazonaws.com/docs/EkranSystemDeploymentFAQ.pdf
Resources
Vendor resources
Support
Vendor support
Support contact:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Ekran System Insider Risk Management Solution with MS SQL Database
By Ekran System Inc.
Ekran System is an insider risk management solution which helps organizations mitigate insider threats by deterring, detecting, and disrupting threats from internal users of their IT infrastructure. Enterprises can achieve the highest level of insider threat protection for cloud, on-premises, and hybrid environments by implementing Ekran System.
Customer reviews
No customer reviews yet
Be the first to write a review for this product.