Wallix Bastion

Wallix Bastion secures and controls privileged access across your IT and OT environments. It allows you to centralize admin connections, enforce least-privilege access, and maintain a complete audit trail, all without handing out direct credentials or allowing unmanaged remote access to critical systems.

Why teams choose this series

• Centralized Access: Establish strong governance and audit-ready traceability for all privileged entry points.
• Session Security: Control, monitor, and record sessions to support investigations and meet compliance standards.
• Credential Control: Use password vaulting to reduce the risk of credential exposure.
• Broad Protocol Coverage: Manage mixed infrastructures with support for RDP, SSH, and other protocols specific to your environment.
• Streamlined Procurement: Benefit from expert sizing (based on users/sessions/assets), clear deployment guidance, and defined compliance workflows.

Wallix Bastion At a Glance

• The Platform: A Privileged Access Management (PAM) solution for controlling and tracing privileged sessions and access to critical systems.
• Best For: Admin access governance, third-party vendor management, regulated environments, and mixed IT/OT infrastructures.
• Licensing Model: Available as a subscription (packs + add-ons) or perpetual/legacy agreements. Sizing relies on users, concurrent sessions, and protected resources.
• Activation: Performed via a license key update in the product interface; supports workflows for both connected and isolated environments.
• Required Data: Number of privileged users (named users), expected concurrent sessions, number of managed assets/targets, required modules, and term preference.

License Overview

The Wallix Bastion license uses a key mechanism to encode your agreement and validate usage. Whether you use a subscription pack (with optional add-ons) or a legacy agreement, the license properties track your specific entitlement limits, such as expiration dates, named user capacity, and concurrent connection thresholds.

Inside the product, these controls govern concurrent connections to the Bastion (often treated as “primary” connections) and concurrent connections to targets (treated as “secondary” connections), alongside the count of protected resources (devices/applications) managed by the platform. If you purchase specific modules, entitlements will also apply to session-related capabilities and password management add-ons.

Operationally, activation is straightforward: you generate a context file, obtain a license key update from the vendor support workflow, and update the key in the administrative interface. The procurement goal is to align the pack and modules to your environment, confirm the correct limits (users/sessions/assets), and match the term and support level to your operational requirements.

What happens after purchase

 Once you secure your entitlement package for the selected modules and capacity, your admin downloads the license context JSON file from the Bastion License page. You submit this through the WALLIX Support portal, receive the signed license file, and upload it to the UI to activate your entitlements (users/sessions/assets). This grants you:

• Use of the modules and capacity sized in your order.
• Access to updates and documentation via standard vendor channels.

Product Overview

Wallix Bastion sits strictly between your administrators (including third parties) and your critical targets, acting as a controlled access gateway. Rather than letting users connect directly to servers, network devices, or OT systems, the platform brokers access so you can enforce policy, capture evidence, and reduce credential exposure.

Core Technical Flow

1. Centralize Entry Points: Users connect to Bastion first, then launch approved sessions to targets (RDP, SSH, etc., based on your environment).
2. Control & Trace: The system monitors and records sessions to create an audit trail for investigations and compliance.
3. Vault Credentials: Password Manager capabilities protect privileged credentials and prevent direct password exposure.
4. Govern Access: Access Manager controls handle approvals and policy-based authorization, defining who can access what, when, and how.
5. Modular Coverage: You utilize major PAM building blocks like Session Manager, Password Manager (Vault), Access Manager, PEDM, and AAPM (availability depends on the modules you purchase).

Ordering Guide and Pricing

If you are selecting Wallix Bastion for a new PAM rollout or a refresh, ordering is driven by the number of privileged humans (and service accounts) you must govern, the concurrent sessions expected during peak operations, and the assets/targets you need to protect.

Module scope is equally important. Organizations often start with session control and expand into password vaulting, approvals, and broader privileged governance as their audit requirements and operational maturity grow.

To size the order quickly: Confirm named users + concurrent sessions + protected resources/targets + required modules + term + support level.

Wallix Bastion Pricing Factors:

• Term: Subscription duration (annual or multi-year).
• Capacity: Sizing of named users and/or concurrent sessions.
• Scope: Number of protected resources (devices/applications/targets).
• Features: Selected modules/add-ons (session, vault, governance).
• Constraints: Support level and deployment needs (regulated vs. standard).

For the fastest quote: Send your user count, peak concurrent sessions, number of targets/assets, required modules, term preference, and compliance constraints.

Quick Guidance

• Know your sizing? Send the user/session/asset counts, and we will map the package immediately.
• Need help? Write “Help me choose” and share your environment type (IT/OT), admin/vendor count, and peak access windows.

Wallix Bastion Activation Guide

Wallix Bastion supports practical activation workflows for both connected networks and tightly controlled environments using a license key update process.

Connected / Online Activation

1. Admin UI: Download context file.
2. Submit via support workflow.
3. Receive license key update.
4. Update key in product.
5. Compliance maintained.

Controlled / Offline Activation

1. Generate context file in the isolated environment.
2. Transfer to an internet-connected workstation.
3. Submit via support workflow.
4. Receive license key update.
5. Transfer back and update key in product.
6. Compliance maintained (no direct internet needed on the Bastion).