Improve Your Compliance Across UNIX and Linux Environments

Baber Amin, Business Line Manager, Novell, Inc.

Richard Boulton, NPUM Lead, Novell, Inc.

DESCRIPTION

This session describes how to achieve compliance on your Linux and UNIX servers with Novell Privileged User Manager. Enterprises that want to comply with Sarbanes-Oxley data confidentiality, integrity and auditability requirements for privileged user activity will find out how easily it can be done with Novell Privileged User Manager. The session will feature an instructor-led demo highlighting the various aspects of Novell Privileged User Manager. It will also describe how to achieve compliance on Linux and UNIX servers. If you have ever had issues with audits or reporting on Linux root user accounts, then this is the session for you. Find out how easy it can be and how all of this fits in the Identity and Security space at Novell.


© Novell, Inc. All rights reserved.

Agenda

• Privileged Identities

• Privileged Identities and Compliance

• Novell® Privileged User Manager

• Demo


Privileged Identities

• Least Privilege Concept

• Dangers from Privileged Identities

Privileged Accounts

• Access to Information

• Hacker Target

• Bypass Controls

• Insider Threats

Privileged Identities and Regulatory Compliance

• Sarbanes-Oxley

• PCI

• HIPAA

• GLBA

• ISO 27001


What does Novell® offer?

Who can Initiate an Action?

What Actions can They Initiate?

Audit ALL Activity


Centralized Management


Compliance Workflow

3 Step UNIX/Linux Compliance Solution

Step 1

• 100% privileged user keystroke recording

• Automated grading of activity risk level

Step 2

• Super user privilege management

• Real-time control and alerting

Step 3

• Proactive compliance management

• Auditing the auditor


DEMO

Scenario 1: Basic Setup

[Diagram labels: Privileged User Manager’s components; Help Desk; Linux / Unix Server; PUM Agent; PUM Framework; Auditor]

1. Help Desk accesses the POS devices (directly e.g. SSH)

2. PUM authenticates to PUM

3. Commands via keystroke are recorded and audited

4. PUM Admin authorizes events and reviews risks

Scenario 2: Large Environments

[Diagram labels: Privileged User Manager’s components; Help Desk; PUM Jump-Off; PUM Agent; PUM Framework; PUM Admin]

1. Help Desk accesses the PUM Jump-Off box pool

2. Jump-Off authenticates to PUM

3. PUM Jump-Off box creates PUM session on target

4. Commands and keystroke are recorded and audited

5. PUM Admin authorizes events and reviews risks

Scenario 3: PUM and PoS

[Diagram labels: Privileged User Manager’s components; Help Desk; PUM Jump-Off; PUM SSH-Proxy; PUM Framework; PUM Admin; POS Devices *; SSH (trusted cert)]

* Note: zero impact, no software agent installed

1. Help Desk accesses the PUM Jump-Off box pool

2. Jump-Off authenticates to PUM

3. SSH-Proxy communicates to POS devices (trusted SSH session)

4. Commands via keystroke are recorded and audited

5. PUM Admin authorizes events and reviews risks

Novell® Privileged User Manager: SSH Access via ‘Jump Box’

• Provide the accountable access via SSH

• Secure and manage all outbound access to corporate POS machines through ‘Jump-Off’ proxies

• Reduced cost to associate every POS endpoint

• Avoided impact to all POS endpoints

• Audit all access to POS endpoints through Command Control which feeds into Compliance Auditor


In Closing

You Need Privileged User Management

• Critical Apps on Linux / UNIX

• Linux / Unix Server

• Verify and Audit actions

• Admin credential proliferation


Novell® Privileged User Manager

• Control user access to root accounts

• Audit all user activity with 100% keystroke logging

• Analyze potential threats based on policy-based risk ratings

• Simplify audit reporting with the most relevant, context-based information

• Support compliance with internal policies and external regulations


Customers Include:


Unpublished Work of Novell, Inc. All Rights Reserved.

This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.

General Disclaimer

This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.