Understand the platform before you deploy
Conceptual guides for architects and security leads, how the control plane fits together, how authorization works, and how each protocol path is brokered. For install steps and admin tasks, continue in documentation.
Platform
Platform guides
- Platform
Platform architecture
Ixiea control plane: core API, protocol connectors, recording pipeline, and audit store.
- Platform
Deployment models
Standalone, active/standby, horizontal scale, and multi-region gateway, when each fits.
- Quickstart
Your first privileged session
Fifteen-minute path from install to a brokered, recorded, identity-bound session.
- Platform
Session authorization model
How users, targets, accounts, protocols, and time windows combine into enforceable grants.
- Platform
Command & connection control
Graduated enforcement for commands and connections, permit, block, approve, mask, or alert at the gateway.
Capabilities
Capabilities guides
- Capability
Identity-bound policy
Entitlements follow people and roles from your IdP, not network location or shared accounts.
- Capability
Just-in-time access
Time-bound, approval-gated elevation with automatic revocation when the window closes.
- Capability
Secrets brokering
Inject credentials at connect time, operators never see or hold standing secrets.
- Capability
Account & credential automation
Discover accounts on assets, rotate passwords on schedule, and push credentials without manual vault hygiene.
Evaluating alternatives?
See how Ixiea compares
Head-to-head guides for VPN, legacy PAM, bastions, and other privileged access patterns.