Advanced solutions for a secure digital future

WALLIX protects identities and access to IT infrastructure, applications, and data. Specializing in Privileged Access Management, WALLIX solutions ensure compliance with the latest IT security standards and protect against cyber-attacks, theft and data leaks linked to stolen credentials and elevated privileges to sensitive company assets.

Privileged Access Management WALLIX Bastion

European Leader In Privileged Access Management
Easy to use and easy to deploy, the WALLIX Bastion PAM solution delivers robust security and oversight over privileged access to critical IT infrastructure. Reduce the attack surface and meet regulatory compliance requirements with simplified Privileged Access Management.

WALLIX is named an “Overall Leader” in the KuppingerCole Analyst 2020 Leadership Compass for Privileged Access Management – Download the report to learn more!
Comprehensive Access Security Features

Session Management
 Defend your critical assets from cyber-attack with powerful and easy-to-use Privileged Session Management capabilities. Achieve cybersecurity compliance requirements and monitor privileged session activity, all while increasing IT admins’ productivity and enabling and easy control over privileged access.
The WALLIX Session Manager offers IT leaders a powerful solution to manage, control and audit access to network assets with strong security posture ensuring that only the right person has access to the right IT resources.

Password Management
Securely store credentials in a controlled vault and protect passwords against theft and sharing thanks to high-end encryption. Eliminate the use of passwords written on sticky notes or stored in unsecured Excel files, or worse, saved in clear text scripts for all to discover. Leverage high-level password security controls as well as Application-to-Application Password management for tight control over privileged credentials.
The WALLIX Password Manager enables IT leaders to easily control and manage their passwords, secrets and credentials. It operates with the WALLIX vault or integrates with third-party vaults to protect and enhance existing investments.
Access Manager
Enable secure remote access for IT administrators and external providers to connect safely from anywhere with secure-by-design capabilities; empower your IT team to ensure that only the right person can access the right resource for the right purpose.
Eliminate the need to open an RDP, SSH, or Telnet connection thanks to the Access Manager’s HTML5 browser-based connectivity with session management. No additional plugins or fat clients needed on endpoints, and no untraceable VPN infrastructure to secure access to critical resources.
The WALLIX Access Manager offers advanced multi-Bastion Global Search capabilities for privileged session forensic analysis and can distinguish tenants spanning across several Bastion instances, for a global multi-tenant Privileged Access Management architecture.
Admin rights can introduce critical vulnerabilities to your vital assets. Ensure that the right privilege is granted to the right user at the right time, without compromising productivity.
Privilege Elevation and Delegation Management offers Least Privilege control over access rights to your most sensitive IT resources. Eliminate overprivileged users and minimize security risks without impeding your teams’ productivity.
Enable DevOps and Robotic Processes to automatically access critical IT resources in real time without vulnerable, hard-coded credentials left in scripts. The AAPM module is an easy-to-install software that works with Ansible, Terraform, and other similar tools to allow sealed access to target passwords stored in the WALLIX Bastion Vault.

Endpoint Privilege Management powerful Least Privilege security
Innovative Least Privilege Endpoint Security
Eliminate the need for user accounts with elevated permissions thanks to innovative endpoint privilege management. Achieve unparalleled security across all endpoints with permissions controlled at the application and process level – without impacting user productivity.

White / Grey / Black Listing
White list for corporate applications, gray list for dangerous applications, blacklist for malware.
  • Eliminate privileged accounts and local admin rights
  • Grant application-level and process-level privileges to carry out authorized administrative tasks (White list)
  • Reduce privileges of potentially dangerous applications (email clients, browsers, etc. with internet access) to deny access to sensitive resources, regardless of user’s elevated privileges (Grey list)
  • Stop malware, ransomware, and cryptoviruses from executing or encrypting files
Local Group Membership
Take a proactive approach to endpoint security, compared to traditional endpoint management tools, implementing application-level privilege management.
  • Eliminate privileges in user accounts
  • Manage user-level privileges in addition to application and process privileges
  • Assign user accounts to group memberships
  • Set time limits for user sessions, automatically terminating the session when the time limit is reached
  • Simplify IT administrator workloads

Password Rotation

Put an end to shared passwords used on countless endpoints and tools across local administrator accounts.
  • Guarantee each password is unique per computer, account, and day
  • Manage password rotation simply and effectively – a given password is only valid on that computer, on that day and time
  • Trace attempts to change a password
  • Predict future password iterations without connecting to the network

Ransomware Control

Detect encryption attempts in real time to stop ransomware in its tracks with a near-100% success rate, unlike other technologies
  • Automatically detect when a process intends to perform an encryption operation, before it is carried out
  • Stop the process and execute automated rules for response
  • Define rule actions based on standards or administrator thresholds
  • Store encryption keys to decrypt at a later date

Application Management

Manage and control all key business applications through an innovative and easy-to-use portal, leveraging BestSafe’s unique process-level privilege management technology
  • Install applications on-demand, or deploy automatically and unattended
  • Users perform software installations themselves, without holding administrator privileges or burdening the IT team
  • The SDM flexibly and efficiently deploys updates, repairs, admin or maintenance tasks, emergency distributions and uninstallations, without the need for user interaction or elevated privileges
  • Delegate administrative tasks to endpoint users, without granting administrative rights
  • Maximize security with no impact on productivity or performance

Unify, Secure, and Simplify User Access
Simplify and secure access to key business applications from a centralized platform. Protect strategic assets, increase efficiency and productivity, and improve user experience for both application users and administrators.

Identity Management Features

Central Directory
Gather your identity sources into a single identity referential to easily control access rights in one centralized location.
  • Support for Active Directory, Azure AD, LDAP directories, and Google G Suite directory
  • Import as many directories as needed into your WALLIX Trustelem platform
  • Complete or partial directory import, based on group membership and attribute filtering
  • Import of group memberships and user attributes to define proper access management policie


Provide users with a Single Sign-On experience to remove the burden of managing a different password for each target application and entering credentials again and again.
  • User dashboard displaying all applications to which the user has access rights
  • Integrated Windows Authentication and X.509 client certificates support to access the user dashboard with no login form
  • Identity federation through SAML, OpenID Connect, and OAuth protocols
  • Pre-integrated applications such as Office 365, G Suite, Salesforce and many others


Choose from an array of Multi-Factor Authentication mechanisms to fit the specific requirements of your different populations, because there is no one-size-fits-all MFA solution.
  • Trustelem Authenticator: a mobile application offering a strong authentication solution which is both secure and easy to use. Within network coverage, Trustelem Authenticator receives push notifications. When the device is offline, the application generates a 6-digit code. In addition to users locking their device, the application can be fingerprint-protected or require a four-digit PIN.
  • OTP over SMS authentication: a simple and practical solution, widely known by users in other contexts
  • FIDO 2 security devices: can be used through the WebAuthn protocol to implement multi-factor authentication based on USB or NFC physical keys. WALLIX Trustelem supports all FIDO2-compliant devices, including ANSSI-certified devices.
  • Google Authenticator or any RFC 6238-compliant OTP generation mobile application is supported by WALLIX Trustelem for multi-factor authentication
Offer users a self-service solution for simplifying and streamlining management of credentials.
  • Active Directory Self-Service Password Reset (SSPR) allows users to re-initialize their Active Directory password independently, after re-authenticating with one or more add-on solutions such as the Trustelem Authenticator mobile app, an SMS, one or more secret questions, a link sent by email, or other solutions
  • The user dashboard suggests renewing the Active Directory password either spontaneously or upon expiration
  • Users are prompted with MFA enrollment procedures when they access their dashboard or a specific target application, so that enrollment is fully autonomous. Administrators control which user or group is prompted for auto-enrollment of the MFA solutions

Strong Authentication for Uncompromised Security

WALLIX Authenticator offers strong, multi-factor authentication to protect access to IT, applications, and data, with a high-security connection wherever you are.

Zero Trust Security

The zero-trust principle requires proof of identity to enable access wherever you are. Prevent unauthorized access, reduce data breaches, and mitigate the risk of lateral movement to protect the entire IT environment without any technical constraints for users.

Easy Integration with the WALLIX Solutions Suite

Complete the WALLIX Bastion PAM solution and gain even stronger security for remote access via the WALLIX Access Manager. Integrate MFA with the WALLIX Trustelem SSO platform to benefit from contextual and adaptative authentication.

Secure Remote Access

Confirm the identity of your employees, partners, and contractors no matter where they are and reduce the risk of stolen passwords from phishing or other attack methods. Security made easy for remote workers and all digital interactions!

ชื่อไฟล์ ประเภทไฟล์