Standing shared accounts are a PAM problem Ixiea addresses at the gateway — and in the account layer underneath. Discovery, rotation, and push keep target credentials current while operators authenticate as themselves.
Discover
Scan assets
Rotate
Scheduled cadence
Push
Provision accounts
Credential store
Rotated values
Gateway
Brokered inject
Keep target credentials current. Operators still authenticate as themselves.
Scheduled discovery tasks scan assets for local and service accounts the security team did not know existed. Results land in the asset account inventory with platform metadata — so reviewers can reconcile what is on the host versus what policy allows, without a spreadsheet audit.
web-01
db-02
k8s-03
Account inventory
Rotation policy
every 30d · prod-db class
Vault updated
prod-db-02 / oracle_svc
Next session injects new secret — operators never see it.
Change-secret automations rotate privileged passwords on a cadence you define — per platform, per account class, or after a session ends when policy requires it. Rotated values stay in the vault; the next brokered session injects the current secret. Operators never receive a copyable password.
Push automations provision or update accounts on targets from a template — useful when onboarding fleets or enforcing a standard service account across a node group. Push pairs with discovery so drift is visible: discovered accounts that never matched policy surface for cleanup.
Push template
svc-pam · locked shell · sudoers drop-in
node-a
svc-pam ✓
node-b
svc-pam ✓
node-c
svc-pam ✓
node-d
svc-pam ✓
Drift vs discovery → cleanup ticket
Ixiea gateway
Pull secret · inject at handshake · record session
No clipboard · no standing password
Rotation and push feed the same credential store the gateway uses at connect time. Discovery informs what needs rotation; brokering ensures humans never hold standing secrets. Audit shows who opened a session and what ran — not who copied a password from a ticket.
Operational docs
Related guides
Entitlements follow people and roles from your IdP, not network location or shared accounts.
Time-bound, approval-gated elevation with automatic revocation when the window closes.
Inject credentials at connect time, operators never see or hold standing secrets.
Ready to evaluate?
Walk through gateway brokering, recording, and audit exports in a working session — or browse the illustrated product flow first.
