Devolutions Server
Self-hosted credential manager built for IT professionals
Free
Edition
For teams of up to 10 users
*Remote Desktop Manager Team is required.
Team, Enterprise & Platinum Editions
For teams, small and medium-sized businesses,
and MSPs
- Self-hosted shared credential vault
- Secure credential injection and connection launching
- Multi-factor authentication
- SSO integrations - local AD, Entra ID (Azure AD)
- Role-Based Access Control system
- Detailed access and audit reports
- Seamless Remote Desktop Manager integration
- Privileged Access Management capable
- Devolutions Gateway support
- SSO integrations - Okta and PingOne
Secure, control, and monitor access to credentials
Managing credentials and controlling access to endpoints are of the utmost importance for every organization, regardless of size. As the concern for insider threats and data breaches grows, the demand for solutions is also reaching an all-time high. Unfortunately, the majority of existing solutions continue to primarily focus on meeting the needs of large-scale organizations. This results in solutions less suited to the specific needs of IT professionals and the SMBs they serve, as these solutions tend to be overly complex, challenging to deploy, and beyond budget. This dilemma drove Devolutions to create solutions specifically designed to meet the growing needs of small and medium-sized businesses. Devolutions Server offers the highest level of security for your teams without compromising their efficiency.
What is Devolutions Server?
Devolutions Server is a self-hosted shared account and credential management solution with optional privileged access components. It deploys rapidly, implements easily, and integrates well with the tools IT professionals are currently using. Devolutions Server is designed to meet the ever-expanding security requirements of teams of all sizes, while remaining user friendly for the end-users.
COMPARE EDITIONSLooking for the lower maintenance and easy setup of a cloud-based solution? Take a look at Devolutions Hub and enjoy many of the same features of Devolutions Server, but hosted securely by Devolutions!
Request a live demo
Our team is dedicated to helping you get the most out of our solutions.
SCHEDULE YOUR LIVE DEMOPowerful integrations
Remote Desktop Manager for Teams
Unlock Devolutions Server’s full potential by integrating it as a back-end data source for Remote Desktop Manager’s (RDM) powerful remote connection capabilities, automation tools, and wide range of IT integrations.
Improve your security posture without sacrificing your IT personnel's productivity.
Secured connection launching
Securely establish sessions and remote connections to servers, websites, and applications using vaulted credentials without exposing them to the user.
Automation tools and workflows
Use playlists, macros, and PowerShell scripts to automate daily tasks, update end-points, and perform maintenance.
Gated and temporary access
Incorporate gated checkouts of remote sessions/credentials or grant temporary access to sessions in a matter of seconds.
Devolutions Privileged Access Management
Control, monitor, and secure elevated access and permissions for users, accounts, processes, and systems across your organization, while supporting governance standards and compliance requirements. Shrink the size of your organization’s attack surface and reduce the likelihood and severity of breaches caused by hackers, or due to insider misuse and negligence.
Account discovery
Easily discover privileged accounts (user, system, admin, service, database, etc.) from various account providers.
Password rotation policies
Enforce password rotation upon check-in of a privileged account, or schedule password rotations. This changes both the credentials for the system and those stored in Devolutions Server.
Checkout request approval
Users can easily ask admins to checkout privileged accounts. Admins are automatically notified and can grant or reject the request as appropriate.
Devolutions Gateway
As many IT professionals know, traditional VPNs are notoriously difficult to set up and manage. Remote IT workers often need access to only a few resources. What if you could pair Devolutions Server (DVLS) with an easy and secure just-in-time (JIT) connection to private network resources without all the setup and overhead a traditional VPN needs?
With Devolutions Gateway, secure RDP, SSH, VNC, and other connections on-demand!
Web-based RDP, SSH, VNC, and more!
Easily and securely launch web-based remote connections directly from your Devolutions Server web-interface using the Gateway. No more complicated VPN setups needed.
Session recording
Use the built-in recording server to save remote session recordings locally or remotely.
Better logging and reporting
Improve visibility since just-in-time connections make detailed session tracking and auditing possible.
Features and highlights
Self-hosted credential vault
Securely store and manage credentials within your organization's infrastructure.
Centralized vaulting
Store all your passwords and credentials in a secure vault. Log in everywhere using Devolutions Workspace Browser Extension.
Organize entries with multiple vaults
Organize unlimited entries in unlimited vaults to easily manage massive numbers of entries, documents, and other sensitive data.
Per-user personal vault
A user-specific vault allows users to store privileged accounts that only they can access.
Learn moreSingle sign-on (SSO)
Quickly and securely access Devolutions Server using your organization’s Identity Provider (IdP).
Multiple identity providers (IdP)
Supports Windows Active Directory, Entra ID (formerly Azure AD), Okta, and PingOne identity providers.
Import users for automatic creation
Automatically create user accounts and define user access based on directory group membership.
User lifecycle management
Easily onboard and offboard users from the administration interface.
Learn moreSecure access to critical entries
Set flexible and granular permissions based on user roles.
Role-based access control (RBAC)
Use granular access controls. All restrictions are predefined and enforced by a role-based access control.
Integration with directory groups
Use your existing Active Directory or Entra ID groups to apply permissions quickly and easily to your users.
Custom & built-in permission sets
Apply permissions faster with predefined or custom permission sets.
Learn moreConditional access policies
Validate identities through multiple layers of security.
Detailed logs and reporting
Generate comprehensive access and audit reports to meet compliance requirements.
Audit trail
Monitor, verify, and analyze the time a Devolutions Server user spends on a specific endpoint for auditing purposes..
Activity log
Record the information about when, what, and who acted on an entry. Monitor all opened sessions for all users.
Real-time connections
Know exactly who is connected to sessions in real time. If needed, stop a user's session directly from the report.
Learn moreRemote Desktop Manager integration
Increase security and productivity with Remote Desktop Manager, the industry's best cross-platform remote connection tool.
Launch connections
Establish connectivity to servers through a wide range of integrations, such as RDP, SSH, VNC, ARD, SFTP, and more!
Execute macros and scripts
Run updates, automate tasks, and retrieve system information across all your devices with intuitive tools for scripting.
Record sessions
Leverage higher compliance and security with the ability to record sessions and securely store the recordings with Devolutions Gateway.
Learn moreManaging shared passwords via Devolutions Server
Is your IT staff constantly finding passwords under keyboards? Password management is difficult, and the more complicated the environment, the more involved management becomes.
With a modern web interface, support for role-based access, and Active Directory integration, you can be confident that your passwords are securely stored and accessible to just those who need them. No more passwords in text files on desktops or under keyboards.
Increase your organization's security with the on-premise Devolutions Server and easily manage your team's shared passwords!
Combining Remote Desktop Manager with Devolutions Server
As powerful as Remote Desktop Manager (RDM) is, what if your organization needs enhanced reporting, role-based permissions, and web-based access?
It’s no secret that managing credential and connection access has become complicated with so many remote workers. Protect your organization by using the in-depth auditing and reporting of Devolutions Server to ensure every connection is authentic. Make access easy with a modern web-based console, yet take connection management to the next level when paired with RDM.
Gain peace of mind with the strong security of Devolutions Server paired with the productivity of Remote Desktop Manager. Stop worrying about your password management, and focus on the work!
Combining Devolutions Gateway with Devolutions Server
With a traditional VPN, not only is access widely granted to a private network, but the setup is complex and management a headache. The question becomes, how do you secure and manage your connections while empowering those who need access?
Devolutions Server combined with Devolutions Gateway adds secure just-in-time (JIT) connections to private network resources without all the setup and overhead a traditional VPN needs.
Multi-protocol support, enhanced auditing, and in-depth logging let you ditch the VPN altogether!
Resources
Want to learn more about the benefits of using Devolutions Server? We have an extensive choice of whitepapers, infographics, and resources for you to read.
View all resourcesDevolutions Server FAQ
What sets Devolutions Server apart from other solutions, and where does it fit in the Devolutions ecosystem?
Self-hosted, budget-friendly, and easy to deploy, Devolutions Server is a comprehensive credential management solution designed for IT professionals. While it can serve as merely a data source or basic credential manager, its advanced features make Devolutions Server an excellent gateway for organizations looking to evolve toward privileged access management (PAM). Core to the Devolutions ecosystem, Devolutions Server integrates deeply with all of our products to deliver powerful capabilities, including:
- Role-based access controls, logging, and more when used as an advanced data source with Remote Desktop Manager;
- Approving requests on-the-go using the Devolutions Workspace mobile app;
- Just-in-time privilege elevation and password rotation via the PAM module;
- Access to remote network segments through Devolutions Gateway, and enabling contractor RDP access through web-based sessions.
Devolutions Server provides an accessible starting point while paving the way for enhanced security and control as organizations scale their PAM initiatives.
What environments are compatible with Devolutions Server?
Devolutions Server supports physical and virtual servers (such as Azure or Amazon Web Services). A Devolutions Server instance can be installed on a Windows Server, and supports managed MSSQL databases. Linux support is currently in beta.
How easy is it to install Devolutions Server?
Deployment is straightforward using the Devolutions Console, and can typically be completed in under an hour. A Devolutions Server instance can operate entirely on a single IIS server, with an MSSQL Express or higher database on the same system, or distributed across multiple servers as needed.
How can I organize entries in Devolutions Server?
Entries can be organized in vaults, and into tree-like folders within vaults, offering logical separation. Inheritance at the vault and folder levels simplifies management, and entries can be linked for streamlined updates.
Is there a limit to the number of entries that Devolutions Server can handle, such as credentials and sessions?
Devolutions Server does not impose a limit on the number of credentials, folders, or sessions you can create. For optimal performance, we recommend limiting each vault to a maximum of 4,000 entries, and creating multiple vaults to logically separate sessions as needed.
How many users can concurrently access an entry in Devolutions Server?
There is no limit to the number of users who can view an entry.
To preserve the integrity of entries being edited, editing access is restricted to one user at a time.
What identity providers are available for authentication?
Devolutions Server integrates with Active Directory, Entra ID (formerly Azure Active Directory), PingOne, and Okta for user authentication. Internal users are also supported for scenarios involving contractors, disaster recovery, or other external users.
What multi-factor authentication (MFA) options are available?
Devolutions Server supports MFA through TOTP apps, YubiKey, email, SMS (via Twilio), Duo, or Radius.
For organizations using Active Directory, Entra ID (formerly Azure Active Directory), Okta, or PingOne for authentication, MFA options are available through the external identity provider.
How does Devolutions Server support business continuity and disaster recovery?
Devolutions Server offers several tools for managing disaster scenarios and outages affecting infrastructure and/or Devolutions Server:
- Export entries on a schedule using PowerShell (we recommend storing them encrypted at rest in a physically secured location);
- Use an internal Devolutions Server user in an authentication outage, such as losing Active Directory or Entra ID (Azure);
- Perform scheduled database backups for rapid restoration;
- Back up encryption keys across Devolutions Server instances to ensure data accessibility. Licenses are stored internally in the database and are accessible upon restoration.
Does Devolutions Server support high availability (HA)?
HA support is available but depends on your environment and technologies. Currently, it is limited to Windows-based deployments.
What alerting, monitoring, and logging options are available in Devolutions Server?
Devolutions Server provides email and syslog notifications, with per-user customization. Alerts can be configured for specific server actions (such as backups) and errors (such as scheduler service errors).
Comprehensive logging options are available for monitoring user actions (like PAM entry checkouts) and for the instance itself. Logs can be generated and sent to syslog, Slack, or Windows Event Viewer. Devolutions Server can use any SIEM (Security Information and Event Management) that supports ingesting the syslog or Windows Event Logs.
How often is Devolutions Server updated, is it automatic, and what support is available for upgrades?
Updates are released regularly, with three major updates per year. Upgrades are performed manually to give customers control, and remote session support is available for paid subscriptions.
To facilitate safe client upgrades to Remote Desktop Manager, Devolutions Server can be set to an offline state.
How are Devolutions Server licenses priced and calculated, and what technical support is offered?
Pricing and licensing vary with each edition — Team, Enterprise, or Platinum — which determines the maximum number of users and data sources. Licenses are issued per user (20 technicians would need 20 user licenses).
Free Devolutions Server licenses are available for up to 10 users; if connecting via Remote Desktop Manager (RDM), the Team edition of RDM is required. Additionally, 5 Devolutions Server users can use Devolutions Gateway for free.
Standard technical support is included with all paid licenses. Extended and premium support is also available, offering phone support and dedicated customer success managers.
Does Devolutions Server offer an API?
Yes, Devolutions Server offers a REST API for operations like retrieving a password for down-level systems, and an extensive PowerShell module for further entry and management options.