1. Introduction

In modern IT environments, Privileged Access Management (PAM) has become a critical security measure to protect organizations from internal and external cyber threats. PAM refers to the tools and processes used to manage, monitor, and control access to accounts with elevated permissions—typically administrator or root-level accounts. These privileged accounts are a prime target for attackers, as they can grant unrestricted access to sensitive systems and data if compromised.

To further enhance control over access, many organizations deploy a secure access point known as an Admin Bastion. While this project explored the concept of an Admin Bastion, our implementation relied on ManageEngine PAM360’s built-in proxy and remote session management capabilities to serve the same purpose. PAM360 enabled secure access to critical systems without exposing credentials or allowing direct connections, effectively functioning as a logical bastion host.

The goal of this project is to design, configure, and test a Privileged Access Management lab using PAM360 and demonstrate various real-world use cases. The lab includes infrastructure components such as Active Directory, target servers, and test clients in an Azure-based environment. Through this setup, we aim to showcase how PAM solutions help organizations monitor, detect, and prevent unauthorized privileged access to critical systems—ultimately reducing the risk of credential theft and privilege abuse.