This session describes how to achieve compliance on your Linux and UNIX servers with Novell Privileged User Manager. Enterprises that want to comply with Sarbanes-Oxley data confidentiality, integrity and auditability requirements for privileged user activity will find out how easily it can be done with Novell Privileged User Manager. The session will feature an instructor-led demo highlighting the various aspects of Novell Privileged User Manager. It will also describe how to achieve compliance on Linux and UNIX servers. If you have ever had issues with audits or reporting on Linux root user accounts, then this is the session for you. Find out how easy it can be and how all of this fits in the Identity and Security space at Novell.
Improve Your Compliance Across UNIX and Linux Environments
Baber Amin, Business Line Manager, Novell, Inc. / [email protected]
Richard Boulton, NPUM Lead, Novell, Inc. / [email protected]
© Novell, Inc. All rights reserved.
Agenda
• Privileged Identities
• Privileged Identities and Compliance
• Novell® Privileged User Manager
• Demo
Privileged Identities
• Least Privilege Concept
• Dangers from Privileged Identities
Privileged Accounts
• Access to Information
• Bypass Controls
• Hacker Target
• Insider Threats
Privileged Identities and Regulatory Compliance
• Sarbanes-Oxley
• PCI
• HIPAA
• GLBA
• ISO 27001
What does Novell® offer?
• Who can Initiate an Action?
• What Actions can They Initiate?
• Audit ALL Activity
Centralized Management
Compliance Workflow
3 Step UNIX/Linux Compliance Solution
Step 1
• 100% privileged user keystroke recording
• Automated grading of activity risk level
Step 2
• Super user privilege management
• Real-time control and alerting
Step 3
• Proactive compliance management
• Auditing the auditor
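The three steps above describe a loop: record every privileged command, grade it against a policy and enforce the decision, then keep the resulting audit trail in a form a reviewer (or the auditor's own auditor) can trust. The following is an added example for this page, not Novell Privileged User Manager code, and it makes no claim about how PUM stores rules or sessions internally. The session-log line format, the rule names, the 0-3 risk scale, the alert threshold and the user entitlements are all assumptions made for the illustration; the session lines are constructed, not captured.

```python
"""Model of the record -> grade -> control loop on the three-step slide.
Added example for this page, not Novell Privileged User Manager code; the log
line layout, rule names, 0-3 risk scale and alert threshold are assumptions."""
import hashlib
import json
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample of what a keystroke-recording agent or SSH proxy could hand
# to command control: time, target host, login user, privileged account, command.
SAMPLE_SESSION = """\
2009-03-10T14:02:11Z host=db01 user=jsmith runas=root cmd=cat /etc/hosts
2009-03-10T14:02:40Z host=db01 user=jsmith runas=root cmd=vi /etc/shadow
2009-03-10T14:03:05Z host=db01 user=jsmith runas=root cmd=useradd -m svc_backup
2009-03-10T14:03:30Z host=db01 user=jsmith runas=root cmd=rm -rf /var/log/audit
2009-03-10T14:04:00Z host=pos17 user=helpdesk runas=root cmd=/etc/init.d/pos restart
2009-03-10T14:04:20Z host=pos17 user=helpdesk runas=root cmd=useradd -m helper
"""
LINE_RE = re.compile(r"^(?P<ts>\S+) host=(?P<host>\S+) user=(?P<user>\S+) "
                     r"runas=(?P<runas>\S+) cmd=(?P<cmd>.*)$")
GENESIS = "0" * 64   # chain anchor for the first audit record
ALERT_THRESHOLD = 2  # assumed: risk >= 2 raises a real-time alert

@dataclass(frozen=True)
class Rule:
    name: str
    pattern: str                       # regex applied to the typed command line
    risk: int                          # 0 benign .. 3 critical (assumed scale)
    action: str                        # "allow" or "deny"
    users: Optional[frozenset] = None  # None = any login; else entitled logins

# Assumed policy; the first rule whose pattern matches decides.
POLICY = [
    Rule("audit-log-tamper", r"^rm\b.*\s/var/log/audit(\s|$)", 3, "deny"),
    Rule("shadow-file-access", r"^(vi|vim|nano|cat|cp)\s+/etc/shadow\b", 3, "deny"),
    Rule("account-create", r"^useradd\b", 2, "allow", frozenset({"jsmith"})),
    Rule("service-restart", r"^/etc/init\.d/\S+\s+restart$", 1, "allow",
         frozenset({"helpdesk", "jsmith"})),
    Rule("read-only", r"^(cat|less|ls|grep|tail|head)\b", 0, "allow"),
]
DEFAULT_RULE = Rule("default-deny", r".*", 2, "deny")

def parse_session(text):
    """Step 1: every recorded line becomes an event; unparsable lines are kept
    and flagged rather than dropped, so the record covers 100% of the session."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        events.append(m.groupdict() if m else {"raw": line, "error": "unparsed"})
    return events

def decide(name, risk, action):
    return {"rule": name, "risk": risk, "action": action,
            "alert": risk >= ALERT_THRESHOLD}

def grade(event, policy=POLICY):
    """Step 2: allow/deny plus a risk grade for one privileged command."""
    if "cmd" not in event:  # unparsed input is never silently allowed
        return decide(DEFAULT_RULE.name, DEFAULT_RULE.risk, "deny")
    for rule in policy:
        if not re.search(rule.pattern, event["cmd"]):
            continue
        if rule.users is not None and event["user"] not in rule.users:
            # Known command, but this login is not entitled to run it as root.
            return decide(rule.name + "/not-entitled",
                          max(rule.risk, ALERT_THRESHOLD), "deny")
        return decide(rule.name, rule.risk, rule.action)
    return decide(DEFAULT_RULE.name, DEFAULT_RULE.risk, DEFAULT_RULE.action)

def build_audit_trail(text, policy=POLICY):
    """Step 3: chain each event and its decision with SHA-256 so a reviewer (or
    the auditor's auditor) can detect records altered or removed after the fact."""
    trail, prev = [], GENESIS
    for event in parse_session(text):
        record = {"event": event, "decision": grade(event, policy), "prev": prev}
        body = json.dumps(record, sort_keys=True).encode()
        record["digest"] = prev = hashlib.sha256(body).hexdigest()
        trail.append(record)
    return trail

def verify_audit_trail(trail):
    """Recompute the chain; False on any edited, reordered or missing record."""
    prev = GENESIS
    for record in trail:
        body = {k: v for k, v in record.items() if k != "digest"}
        digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        if record["prev"] != prev or digest != record["digest"]:
            return False
        prev = digest
    return True

if __name__ == "__main__":
    for r in build_audit_trail(SAMPLE_SESSION):
        print(r["decision"], r["event"].get("cmd", r["event"].get("raw")))
```

Two design points carry over to any real deployment of this pattern. First, a command that matches a known rule but is run by a login that is not entitled to it is denied and alerted rather than falling through to a weaker rule, so role restrictions cannot be bypassed by rule ordering. Second, the trail is hash-chained and verified independently of the component that wrote it; in the product this is the "auditing the auditor" step, and the check must be run by someone other than the administrator whose sessions it covers.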
DEMO
Scenario 1: Basic Setup
Privileged User Manager's components: PUM Agent (on the Linux / Unix Server), PUM Framework, Help Desk, Auditor
1. Help Desk accesses the target Linux / Unix server directly (e.g. via SSH)
2. PUM Agent authenticates to the PUM Framework
3. Commands via keystroke are recorded and audited
4. PUM Admin authorizes events and reviews risks
Scenario 2: Large Environments
Privileged User Manager's components: Help Desk, PUM Jump-Off, PUM Framework, PUM Agent (on the target), PUM Admin
1. Help Desk accesses the PUM Jump-Off box pool
2. Jump-Off authenticates to PUM
3. PUM Jump-Off box creates PUM session on target
4. Commands and keystrokes are recorded and audited
5. PUM Admin authorizes events and reviews risks
Scenario 3: PUM and PoS
Privileged User Manager's components: Help Desk, PUM Jump-Off, PUM SSH-Proxy, PUM Framework, PUM Admin, POS Devices * (zero impact: no software agent installed)
1. Help Desk accesses the PUM Jump-Off box pool
2. Jump-Off authenticates to PUM
3. SSH-Proxy communicates to POS devices (trusted SSH session, SSH with trusted cert)
4. Commands via keystroke are recorded and audited
5. PUM Admin authorizes events and reviews risks
Novell® Privileged User Manager: SSH Access via 'Jump Box'
• Provide accountable access via SSH
• Secure and manage all outbound access to corporate POS machines through 'Jump-Off' proxies
• Reduced cost: no need to associate every POS endpoint individually
• Avoided impact to all POS endpoints
• Audit all access to POS endpoints through Command Control, which feeds into Compliance Auditor
In Closing
You Need Privileged User Management
• Critical Apps on Linux / UNIX
• Linux / Unix Server
• Verify and Audit actions
• Admin credential proliferation
Novell® Privileged User Manager
• Control user access to root accounts
• Audit all user activity with 100% keystroke logging
• Analyze potential threats based on policy-based risk ratings
• Simplify audit reporting with the most relevant, context-based information
• Support compliance with internal policies and external regulations
Customers Include:
Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General Disclaimer
This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.