Lieberman Software Enterprise Random Password Manager (ERPM)
Strengths: A lot of automation capability and integration through the API.
Weaknesses: None that we found.
Verdict: This is a bargain for larger organizations – if the functionality is adequate for the needs.
The Lieberman Enterprise Random Password Manager provides a secure repository for storing and managing access to privileged accounts and their associated passwords. This product is designed with automation at the core. Once deployed, the Enterprise Random Password Manager can search the environment for systems, determine the privileged accounts, set passwords to those accounts and manage who has access. All this is done on an ongoing basis to ensure all privileged accounts are pulled into the system to be managed. All collection of system information is done without the use of agents and is integrated with Active Directory for managing access policy to users and groups.
This product can be deployed in several different ways, including a software installation on a physical or virtual server or as a cloud deployment using Amazon, Azure or Rackspace. After installation is complete, all management is done using a management console application. We found the overall design to be easy to navigate and intuitive to use. From within the console, policy can be set directly using Active Directory groups or users. Systems can be directly managed from within the console as well. Users can access systems or credentials by logging into a web-based portal and seamlessly launching sessions directly into systems from the browser or viewing credentials directly depending on policy.
Aside from allowing users to easily access systems securely with privileged accounts, this product also can incorporate with system or service accounts. The tool uses service account pooling to ensure that changes to service accounts are made in an organized fashion, which prevents distributed service accounts from being locked out or disabled. Enterprise Random Password Manager becomes the point from where all sessions are launched. This way, all session activity can be logged for auditing and compliance purposes. All remote sessions are recorded and can easily be played back right within the management console.
Documentation included installation and administrator guides. The installation guide provided clear detail on the software install process of the product and the administrator guide provided setup and configuration details. We found both guides to be well-organized and to include clear step-by-step instructions, screen shots and configuration examples that were easy to follow.
Lieberman offers 16/5 telephone- and email-based technical support at no cost to customers. Customers requiring 24/7/365 assistance can purchase a plan in one-, two- or three-year increments. Aside from phone and email support, all customers can access a small support area via the Lieberman website. While not a full support portal, this area does include a knowledge base as well as a user forum and some documentation downloads.
At a price of $30,000 - fully licensed with one year of support included and no extra per user or system costs - we find this product to be an excellent value for the money. The Lieberman Enterprise Random Password Manager offers a good balance of automation and granular policy to easily secure privileged and service accounts throughout the enterprise.