Symantec Privileged Access Management

  • 1.  Filtering command in windows -powershell

    Posted Jul 04, 2018 12:28 PM

     Hello!, is possible to configure the filtering of commands with blacklists and whitelists in a windows endpoint. Filter command in PowerShell?



  • 2.  Re: Filtering command in windows -powershell

    Posted Jul 04, 2018 09:53 PM

    Hi,

     

    Can you elaborate more on what you are trying to achieve?

    From what I read, it appears you want to allow or restrict commands that are entered in to powershell command-line?

     

    For example, users are to be allowed to run "dir" command but restrict running "iisreset" command?

     

    Kim



  • 3.  Re: Filtering command in windows -powershell
    Best Answer

    Broadcom Employee
    Posted Jul 05, 2018 09:16 AM

    Hello Adolfo, Please check our online documentation at https://docops.ca.com/ca-privileged-access-manager/3-2/EN/implementing/provision-your-server/provisioning-devices/set-up-command-filters. You will find the following text:

     

    Command filters are CA Privileged Access Manager access restrictions that prevent commands that you specify from executing. Command filter lists can be used to enforce policy in the command line applets TELNET, SSH, and serial consoles. Command filters are not intended to be used with, and do not work on, Windows Devices.



  • 4.  RE: Re: Filtering command in windows -powershell

    Posted Apr 13, 2020 10:04 AM
    Hi @Ralf Prigl,

    As I understand , command filters do not work on windows devices . Does this remain same for latest version 3.3.2 ? Are there any plans to have such feature in future releases ?


  • 5.  RE: Re: Filtering command in windows -powershell

    Broadcom Employee
    Posted Apr 13, 2020 10:59 AM
    Hello Pankaj, In future PAM will be integrated with PAM SC. Server Control has a Windows Agent that could be used to control what users are allowed to execute. The old command filter option in PAM cannot be implemented for graphical sessions like RDP.