SlideShare ist ein Scribd-Unternehmen logo

Improve Your Compliance across UNIX and Linux Environments

Novell
Novell

This session describes how to achieve compliance on your Linux and UNIX servers with Novell Privileged User Manager. Enterprises that want to comply with Sarbanes-Oxley data confidentiality, integrity and auditability requirements for privileged user activity will find out how easily it can be done with Novell Privileged User Manager. The session will feature an instructor-led demo highlighting the various aspects of Novell Privileged User Manager. It will also describe how to achieve compliance on Linux and UNIX servers. If you have ever had issues with audits or reporting on Linux root user accounts, then this is the session for you. Find out how easy it can be and how all of this fits in the Identity and Security space at Novell.

1 von 40
Downloaden Sie, um offline zu lesen
Improve Your Compliance Across UNIX and Linux Environments Baber Amin Richard Boulton Business Line Manager NPUM Lead, Novell, Inc. /baber@novell.com Novell, Inc./rboulton@novell.com
Agenda • Privileged Identities • Privileged Identities and Compliance • Novell Privileged User Manager ® • Demo 2 © Novell, Inc. All rights reserved.
Privileged Identities • Least Privilege Concept • Dangers from Privileged Identities 3 © Novell, Inc. All rights reserved.
4 © Novell, Inc. All rights reserved.
5 © Novell, Inc. All rights reserved.
Privileged Accounts 6 © Novell, Inc. All rights reserved.
Privileged Accounts Access to Information 7 © Novell, Inc. All rights reserved.
Bypass Controls Privileged Accounts Access to Information 8 © Novell, Inc. All rights reserved.
Bypass Controls Privileged Accounts Access to Information Hacker Target 9 © Novell, Inc. All rights reserved.
Bypass Controls Privileged Accounts Access to Information Hacker Target Insider Threats 10 © Novell, Inc. All rights reserved.
Privileged Identities and Regulatory Compliance 11 © Novell, Inc. All rights reserved.
Privileged Identities and Regulatory Compliance • Sarbanes-Oxley 12 © Novell, Inc. All rights reserved.
Privileged Identities and Regulatory Compliance • Sarbanes-Oxley • PCI 13 © Novell, Inc. All rights reserved.
Privileged Identities and Regulatory Compliance • Sarbanes-Oxley • PCI • HIPAA 14 © Novell, Inc. All rights reserved.
Privileged Identities and Regulatory Compliance • Sarbanes-Oxley • PCI • HIPAA • GLBA 15 © Novell, Inc. All rights reserved.
Privileged Identities and Regulatory Compliance • Sarbanes-Oxley • PCI • HIPAA • GLBA • ISO 27001 16 © Novell, Inc. All rights reserved.
What does Novell offer?® 17 © Novell, Inc. All rights reserved.
18 © Novell, Inc. All rights reserved.
Who can Initiate an Action? 19 © Novell, Inc. All rights reserved.
Who can Initiate an Action? What Actions can They Initiate? 20 © Novell, Inc. All rights reserved.
Who can Initiate an Action? What Actions can They Initiate? Audit ALL Activity 21 © Novell, Inc. All rights reserved.
Centralized Management 22 © Novell, Inc. All rights reserved.
Compliance Workflow 23 © Novell, Inc. All rights reserved.
3 Step UNIX/Linux Compliance Solution Step • 100% privileged user keystroke recording 1 • Automated grading of activity risk level 24 © Novell, Inc. All rights reserved.
3 Step UNIX/Linux Compliance Solution Step • 100% privileged user keystroke recording 1 • Automated grading of activity risk level Step • Super user privilege management 2 • Real-time control and alerting 25 © Novell, Inc. All rights reserved.
3 Step UNIX/Linux Compliance Solution Step • 100% privileged user keystroke recording 1 • Automated grading of activity risk level Step • Super user privilege management 2 • Real-time control and alerting Step • Proactive compliance management 3 • Auditing the auditor 26 © Novell, Inc. All rights reserved.
DEMO
Scenario 1: Basic Setup Linux / Unix Server Help Desk 1 PUM Agent 2 Auditor PUM 4 3 Framework Privileged User Manager’s components 1. Help Desk accesses the POS devices (directly e.g. SSH) 2. PUM authenticates to PUM 3. Commands via keystroke are recorded and audited 4. PUM Admin authorizes events and reviews risks 28 © Novell, Inc. All rights reserved.
Scenario 2: Large Environments Help Desk 1 PUM 3 Jump-Off 2 PUM Admin PUM 5 PUM 4 Agent Framework Privileged User Manager’s components 1. Help Desk accesses the PUM Jump-Off box pool 2. Jump-Off authenticates to PUM 3. PUM Jump-Off box creates PUM session on target 4. Commands and keystroke are recorded and audited 5. PUM Admin authorizes events and reviews risks 29 © Novell, Inc. All rights reserved.
Scenario 3: PUM and PoS POS Devices * SSH (trusted cert) Help Desk 3 1 PUM PUM Jump-Off SSH-Proxy 2 PUM Admin 4 * Note: zero impact, no 5 PUM software agent installed Framework Privileged User Manager’s components 1. Help Desk accesses the PUM Jump-Off box pool 2. Jump-Off authenticates to PUM 3. SSH-Proxy communicates to POS devices (trusted SSH session) 4. Commands via keystroke are recorded and audited 5. PUM Admin authorizes events and reviews risks 30 © Novell, Inc. All rights reserved.
Novell Privileged User Manager ® SSH Access via ‘Jump Box’ Provide the accountable access via SSH Secure and manage all outbound access to corporate POS machines through ‘Jump-Off’ proxies Reduced cost to associate every POS endpoint Avoided impact to all POS endpoints Audit all access to POS endpoints through Command Control which feeds into Compliance Auditor 31 © Novell, Inc. All rights reserved.
In Closing
You Need Privileged User Management • Critical Apps on Linux / UNIX 33 © Novell, Inc. All rights reserved.
You Need Privileged User Management • Critical Apps on Linux / UNIX • Linux / Unix Server 34 © Novell, Inc. All rights reserved.
You Need Privileged User Management • Critical Apps on Linux / UNIX • Linux / Unix Server • Verify and Audit actions 35 © Novell, Inc. All rights reserved.
You Need Privileged User Management • Critical Apps on Linux / UNIX • Linux / Unix Server • Verify and Audit actions • Admin credential proliferation 36 © Novell, Inc. All rights reserved.
Novell Privileged User Manager ® • Control user access to root accounts • Audit all user activity with 100% keystroke logging • Analyze potential threats based on policy-based risk ratings • Simplify audit reporting with the most relevant, context- based information • Support compliance with internal policies and external regulations 37 © Novell, Inc. All rights reserved.
Customers Include: 38 © Novell, Inc. All rights reserved.
Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.

Empfohlen

Advanced Automation Appliances 6.21.09
Advanced Automation Appliances 6.21.09Advanced Automation Appliances 6.21.09
Advanced Automation Appliances 6.21.09
mgk918
 
Cfs0077 ul-c-web part3
Cfs0077 ul-c-web part3Cfs0077 ul-c-web part3
Cfs0077 ul-c-web part3
sanzen enterprises
 
Graph7 e
Graph7 eGraph7 e
Graph7 e
hung_vp25
 
SoC Subsystem Manager Data Sheet
SoC Subsystem Manager Data SheetSoC Subsystem Manager Data Sheet
SoC Subsystem Manager Data Sheet
ChipStart LLC
 
Safety control systems: Some essential considerations
Safety control systems: Some essential considerationsSafety control systems: Some essential considerations
Safety control systems: Some essential considerations
Optima Control Solutions
 
Property-Based TPM Virtualization
Property-Based TPM VirtualizationProperty-Based TPM Virtualization
Property-Based TPM Virtualization
Marcel Winandy
 
Novell ZENworks Configuration Management Database Management
Novell ZENworks Configuration Management Database ManagementNovell ZENworks Configuration Management Database Management
Novell ZENworks Configuration Management Database Management
Novell
 
Using Federation to Simplify Access to SharePoint, SaaS and Partner Applications
Using Federation to Simplify Access to SharePoint, SaaS and Partner ApplicationsUsing Federation to Simplify Access to SharePoint, SaaS and Partner Applications
Using Federation to Simplify Access to SharePoint, SaaS and Partner Applications
Novell
 

Empfohlen

Advanced Automation Appliances 6.21.09
Advanced Automation Appliances 6.21.09Advanced Automation Appliances 6.21.09
Advanced Automation Appliances 6.21.09
mgk918
 
Cfs0077 ul-c-web part3
Cfs0077 ul-c-web part3Cfs0077 ul-c-web part3
Cfs0077 ul-c-web part3
sanzen enterprises
 
Graph7 e
Graph7 eGraph7 e
Graph7 e
hung_vp25
 
SoC Subsystem Manager Data Sheet
SoC Subsystem Manager Data SheetSoC Subsystem Manager Data Sheet
SoC Subsystem Manager Data Sheet
ChipStart LLC
 
Safety control systems: Some essential considerations
Safety control systems: Some essential considerationsSafety control systems: Some essential considerations
Safety control systems: Some essential considerations
Optima Control Solutions
 
Property-Based TPM Virtualization
Property-Based TPM VirtualizationProperty-Based TPM Virtualization
Property-Based TPM Virtualization
Marcel Winandy
 
Novell ZENworks Configuration Management Database Management
Novell ZENworks Configuration Management Database ManagementNovell ZENworks Configuration Management Database Management
Novell ZENworks Configuration Management Database Management
Novell
 
Using Federation to Simplify Access to SharePoint, SaaS and Partner Applications
Using Federation to Simplify Access to SharePoint, SaaS and Partner ApplicationsUsing Federation to Simplify Access to SharePoint, SaaS and Partner Applications
Using Federation to Simplify Access to SharePoint, SaaS and Partner Applications
Novell
 
Novell Access Governance Suite
Novell Access Governance SuiteNovell Access Governance Suite
Novell Access Governance Suite
Novell
 
The Identity-infused Enterprise
The Identity-infused EnterpriseThe Identity-infused Enterprise
The Identity-infused Enterprise
Novell
 
Applying Novell Identity Manager to Your Everyday Problems
Applying Novell Identity Manager to Your Everyday ProblemsApplying Novell Identity Manager to Your Everyday Problems
Applying Novell Identity Manager to Your Everyday Problems
Novell
 
Exploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access ManagerExploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access Manager
Novell
 
IDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The CloudIDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The Cloud
Novell
 
Identity and Request Management Using Novell Identity Manager: Identity Manag...
Identity and Request Management Using Novell Identity Manager: Identity Manag...Identity and Request Management Using Novell Identity Manager: Identity Manag...
Identity and Request Management Using Novell Identity Manager: Identity Manag...
Novell
 
Creating a Full Privileged User Solution with Novell Privileged User Manager,...
Creating a Full Privileged User Solution with Novell Privileged User Manager,...Creating a Full Privileged User Solution with Novell Privileged User Manager,...
Creating a Full Privileged User Solution with Novell Privileged User Manager,...
Novell
 
Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...
Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...
Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...
Novell
 
Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...
Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...
Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...
Novell
 
Improving SCADA Security
Improving SCADA SecurityImproving SCADA Security
Improving SCADA Security
Narinrit Prem-apiwathanokul
 
Wallix AdminBastion - Privileged User Management & Access Control
Wallix AdminBastion - Privileged User Management & Access ControlWallix AdminBastion - Privileged User Management & Access Control
Wallix AdminBastion - Privileged User Management & Access Control
zayedalji
 
Security 101: Limiting Powerful User Profiles
Security 101: Limiting Powerful User ProfilesSecurity 101: Limiting Powerful User Profiles
Security 101: Limiting Powerful User Profiles
Precisely
 
An Identity-focused Approach to Compliance
An Identity-focused Approach to ComplianceAn Identity-focused Approach to Compliance
An Identity-focused Approach to Compliance
Novell
 
An Identity-focused Approach to Compliance
An Identity-focused Approach to ComplianceAn Identity-focused Approach to Compliance
An Identity-focused Approach to Compliance
Novell
 
Privileged Access Manager POC Guidelines
Privileged Access Manager POC GuidelinesPrivileged Access Manager POC Guidelines
Privileged Access Manager POC Guidelines
Hitachi ID Systems, Inc.
 
Monitoring a SUSE Linux Enterprise Environment with System Center Operations ...
Monitoring a SUSE Linux Enterprise Environment with System Center Operations ...Monitoring a SUSE Linux Enterprise Environment with System Center Operations ...
Monitoring a SUSE Linux Enterprise Environment with System Center Operations ...
Novell
 
C90 Security Service
C90 Security ServiceC90 Security Service
C90 Security Service
christoboshoff
 
CCNA Network Monitoring
CCNA Network MonitoringCCNA Network Monitoring
CCNA Network Monitoring
Networkel
 
2V_presentation
2V_presentation2V_presentation
2V_presentation
nrvikhyath
 
2 v presentation_new
2 v presentation_new2 v presentation_new
2 v presentation_new
nrvikhyath
 
Uvm dac2011 final_color
Uvm dac2011 final_colorUvm dac2011 final_color
Uvm dac2011 final_color
Jamal EL HAITOUT
 
Business Case - SSD.pptx
Business Case - SSD.pptxBusiness Case - SSD.pptx
Business Case - SSD.pptx
Pritam Yadav
 

Weitere ähnliche Inhalte

Andere mochten auch

Novell Access Governance Suite
Novell Access Governance SuiteNovell Access Governance Suite
Novell Access Governance Suite
Novell
 
IDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The CloudIDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The Cloud
Novell
 
Identity and Request Management Using Novell Identity Manager: Identity Manag...
Identity and Request Management Using Novell Identity Manager: Identity Manag...Identity and Request Management Using Novell Identity Manager: Identity Manag...
Identity and Request Management Using Novell Identity Manager: Identity Manag...
Novell
 

Andere mochten auch (6)

Novell Access Governance Suite
Novell Access Governance SuiteNovell Access Governance Suite
Novell Access Governance Suite
 
The Identity-infused Enterprise
The Identity-infused EnterpriseThe Identity-infused Enterprise
The Identity-infused Enterprise
 
Applying Novell Identity Manager to Your Everyday Problems
Applying Novell Identity Manager to Your Everyday ProblemsApplying Novell Identity Manager to Your Everyday Problems
Applying Novell Identity Manager to Your Everyday Problems
 
Exploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access ManagerExploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access Manager
 
IDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The CloudIDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The Cloud
 
Identity and Request Management Using Novell Identity Manager: Identity Manag...
Identity and Request Management Using Novell Identity Manager: Identity Manag...Identity and Request Management Using Novell Identity Manager: Identity Manag...
Identity and Request Management Using Novell Identity Manager: Identity Manag...
 

Ähnlich wie Improve Your Compliance across UNIX and Linux Environments

Creating a Full Privileged User Solution with Novell Privileged User Manager,...
Creating a Full Privileged User Solution with Novell Privileged User Manager,...Creating a Full Privileged User Solution with Novell Privileged User Manager,...
Creating a Full Privileged User Solution with Novell Privileged User Manager,...
Novell
 
2V_presentation
2V_presentation2V_presentation
2V_presentation
nrvikhyath
 
2 v presentation_new
2 v presentation_new2 v presentation_new
2 v presentation_new
nrvikhyath
 
Gupta cell verification dv club
Gupta cell verification dv clubGupta cell verification dv club
Gupta cell verification dv club
Obsidian Software
 
Cell Verification Metrics
Cell Verification MetricsCell Verification Metrics
Cell Verification Metrics
DVClub
 

Ähnlich wie Improve Your Compliance across UNIX and Linux Environments (20)

Creating a Full Privileged User Solution with Novell Privileged User Manager,...
Creating a Full Privileged User Solution with Novell Privileged User Manager,...Creating a Full Privileged User Solution with Novell Privileged User Manager,...
Creating a Full Privileged User Solution with Novell Privileged User Manager,...
 
Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...
Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...
Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...
 
Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...
Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...
Introducing Novell Privileged User Manager and Securing Novell Open Enterpris...
 
Improving SCADA Security
Improving SCADA SecurityImproving SCADA Security
Improving SCADA Security
 
Wallix AdminBastion - Privileged User Management & Access Control
Wallix AdminBastion - Privileged User Management & Access ControlWallix AdminBastion - Privileged User Management & Access Control
Wallix AdminBastion - Privileged User Management & Access Control
 
Security 101: Limiting Powerful User Profiles
Security 101: Limiting Powerful User ProfilesSecurity 101: Limiting Powerful User Profiles
Security 101: Limiting Powerful User Profiles
 
An Identity-focused Approach to Compliance
An Identity-focused Approach to ComplianceAn Identity-focused Approach to Compliance
An Identity-focused Approach to Compliance
 
An Identity-focused Approach to Compliance
An Identity-focused Approach to ComplianceAn Identity-focused Approach to Compliance
An Identity-focused Approach to Compliance
 
Privileged Access Manager POC Guidelines
Privileged Access Manager POC GuidelinesPrivileged Access Manager POC Guidelines
Privileged Access Manager POC Guidelines
 
Monitoring a SUSE Linux Enterprise Environment with System Center Operations ...
Monitoring a SUSE Linux Enterprise Environment with System Center Operations ...Monitoring a SUSE Linux Enterprise Environment with System Center Operations ...
Monitoring a SUSE Linux Enterprise Environment with System Center Operations ...
 
C90 Security Service
C90 Security ServiceC90 Security Service
C90 Security Service
 
CCNA Network Monitoring
CCNA Network MonitoringCCNA Network Monitoring
CCNA Network Monitoring
 
2V_presentation
2V_presentation2V_presentation
2V_presentation
 
2 v presentation_new
2 v presentation_new2 v presentation_new
2 v presentation_new
 
Uvm dac2011 final_color
Uvm dac2011 final_colorUvm dac2011 final_color
Uvm dac2011 final_color
 
Business Case - SSD.pptx
Business Case - SSD.pptxBusiness Case - SSD.pptx
Business Case - SSD.pptx
 
Controller MIgration & Connectivity 11.10.09
Controller MIgration & Connectivity 11.10.09Controller MIgration & Connectivity 11.10.09
Controller MIgration & Connectivity 11.10.09
 
Effectively Utilizing LEMSS: Top 11 Security Capabilities You Can Implement T...
Effectively Utilizing LEMSS: Top 11 Security Capabilities You Can Implement T...Effectively Utilizing LEMSS: Top 11 Security Capabilities You Can Implement T...
Effectively Utilizing LEMSS: Top 11 Security Capabilities You Can Implement T...
 
Gupta cell verification dv club
Gupta cell verification dv clubGupta cell verification dv club
Gupta cell verification dv club
 
Cell Verification Metrics
Cell Verification MetricsCell Verification Metrics
Cell Verification Metrics
 

Mehr von Novell

Social media class 4 v2
Social media class 4 v2Social media class 4 v2
Social media class 4 v2
Novell
 
Social media class 3
Social media class 3Social media class 3
Social media class 3
Novell
 
Social media class 2
Social media class 2Social media class 2
Social media class 2
Novell
 
Social media class 1
Social media class 1Social media class 1
Social media class 1
Novell
 
Social media class 2 v2
Social media class 2 v2Social media class 2 v2
Social media class 2 v2
Novell
 
Workload iq final
Workload iq finalWorkload iq final
Workload iq final
Novell
 
Shining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of SocialShining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of Social
Novell
 
Iaas for a demanding business
Iaas for a demanding businessIaas for a demanding business
Iaas for a demanding business
Novell
 
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Novell
 
ASP.NET on zLinux: A New Workload
ASP.NET on zLinux: A New WorkloadASP.NET on zLinux: A New Workload
ASP.NET on zLinux: A New Workload
Novell
 

Mehr von Novell (20)

Filr white paper
Filr white paperFilr white paper
Filr white paper
 
Social media class 4 v2
Social media class 4 v2Social media class 4 v2
Social media class 4 v2
 
Social media class 3
Social media class 3Social media class 3
Social media class 3
 
Social media class 2
Social media class 2Social media class 2
Social media class 2
 
Social media class 1
Social media class 1Social media class 1
Social media class 1
 
Social media class 2 v2
Social media class 2 v2Social media class 2 v2
Social media class 2 v2
 
LinkedIn training presentation
LinkedIn training presentationLinkedIn training presentation
LinkedIn training presentation
 
Twitter training presentation
Twitter training presentationTwitter training presentation
Twitter training presentation
 
Getting started with social media
Getting started with social mediaGetting started with social media
Getting started with social media
 
Strategies for sharing and commenting in social media
Strategies for sharing and commenting in social mediaStrategies for sharing and commenting in social media
Strategies for sharing and commenting in social media
 
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECHInformation Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
 
Workload iq final
Workload iq finalWorkload iq final
Workload iq final
 
Shining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of SocialShining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of Social
 
Accelerate to the Cloud
Accelerate to the CloudAccelerate to the Cloud
Accelerate to the Cloud
 
The New Business Value of Today’s Collaboration Trends
The New Business Value of Today’s Collaboration TrendsThe New Business Value of Today’s Collaboration Trends
The New Business Value of Today’s Collaboration Trends
 
Preventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log ManagementPreventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log Management
 
Iaas for a demanding business
Iaas for a demanding businessIaas for a demanding business
Iaas for a demanding business
 
Workload IQ: A Differentiated Approach
Workload IQ: A Differentiated ApproachWorkload IQ: A Differentiated Approach
Workload IQ: A Differentiated Approach
 
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
 
ASP.NET on zLinux: A New Workload
ASP.NET on zLinux: A New WorkloadASP.NET on zLinux: A New Workload
ASP.NET on zLinux: A New Workload
 

Improve Your Compliance across UNIX and Linux Environments

  • 1. Improve Your Compliance Across UNIX and Linux Environments Baber Amin Richard Boulton Business Line Manager NPUM Lead, Novell, Inc. /baber@novell.com Novell, Inc./rboulton@novell.com
  • 2. Agenda • Privileged Identities • Privileged Identities and Compliance • Novell Privileged User Manager ® • Demo 2 © Novell, Inc. All rights reserved.
  • 3. Privileged Identities • Least Privilege Concept • Dangers from Privileged Identities 3 © Novell, Inc. All rights reserved.
  • 4. 4 © Novell, Inc. All rights reserved.
  • 5. 5 © Novell, Inc. All rights reserved.
  • 6. Privileged Accounts 6 © Novell, Inc. All rights reserved.
  • 7. Privileged Accounts Access to Information 7 © Novell, Inc. All rights reserved.
  • 8. Bypass Controls Privileged Accounts Access to Information 8 © Novell, Inc. All rights reserved.
  • 9. Bypass Controls Privileged Accounts Access to Information Hacker Target 9 © Novell, Inc. All rights reserved.
  • 10. Bypass Controls Privileged Accounts Access to Information Hacker Target Insider Threats 10 © Novell, Inc. All rights reserved.
  • 11. Privileged Identities and Regulatory Compliance 11 © Novell, Inc. All rights reserved.
  • 12. Privileged Identities and Regulatory Compliance • Sarbanes-Oxley 12 © Novell, Inc. All rights reserved.
  • 13. Privileged Identities and Regulatory Compliance • Sarbanes-Oxley • PCI 13 © Novell, Inc. All rights reserved.
  • 14. Privileged Identities and Regulatory Compliance • Sarbanes-Oxley • PCI • HIPAA 14 © Novell, Inc. All rights reserved.
  • 15. Privileged Identities and Regulatory Compliance • Sarbanes-Oxley • PCI • HIPAA • GLBA 15 © Novell, Inc. All rights reserved.
  • 16. Privileged Identities and Regulatory Compliance • Sarbanes-Oxley • PCI • HIPAA • GLBA • ISO 27001 16 © Novell, Inc. All rights reserved.
  • 17. What does Novell offer?® 17 © Novell, Inc. All rights reserved.
  • 18. 18 © Novell, Inc. All rights reserved.
  • 19. Who can Initiate an Action? 19 © Novell, Inc. All rights reserved.
  • 20. Who can Initiate an Action? What Actions can They Initiate? 20 © Novell, Inc. All rights reserved.
  • 21. Who can Initiate an Action? What Actions can They Initiate? Audit ALL Activity 21 © Novell, Inc. All rights reserved.
  • 22. Centralized Management 22 © Novell, Inc. All rights reserved.
  • 23. Compliance Workflow 23 © Novell, Inc. All rights reserved.
  • 24. 3 Step UNIX/Linux Compliance Solution Step • 100% privileged user keystroke recording 1 • Automated grading of activity risk level 24 © Novell, Inc. All rights reserved.
  • 25. 3 Step UNIX/Linux Compliance Solution Step • 100% privileged user keystroke recording 1 • Automated grading of activity risk level Step • Super user privilege management 2 • Real-time control and alerting 25 © Novell, Inc. All rights reserved.
  • 26. 3 Step UNIX/Linux Compliance Solution Step • 100% privileged user keystroke recording 1 • Automated grading of activity risk level Step • Super user privilege management 2 • Real-time control and alerting Step • Proactive compliance management 3 • Auditing the auditor 26 © Novell, Inc. All rights reserved.
  • 27. DEMO
  • 28. Scenario 1: Basic Setup Linux / Unix Server Help Desk 1 PUM Agent 2 Auditor PUM 4 3 Framework Privileged User Manager’s components 1. Help Desk accesses the POS devices (directly e.g. SSH) 2. PUM authenticates to PUM 3. Commands via keystroke are recorded and audited 4. PUM Admin authorizes events and reviews risks 28 © Novell, Inc. All rights reserved.
  • 29. Scenario 2: Large Environments Help Desk 1 PUM 3 Jump-Off 2 PUM Admin PUM 5 PUM 4 Agent Framework Privileged User Manager’s components 1. Help Desk accesses the PUM Jump-Off box pool 2. Jump-Off authenticates to PUM 3. PUM Jump-Off box creates PUM session on target 4. Commands and keystroke are recorded and audited 5. PUM Admin authorizes events and reviews risks 29 © Novell, Inc. All rights reserved.
  • 30. Scenario 3: PUM and PoS POS Devices * SSH (trusted cert) Help Desk 3 1 PUM PUM Jump-Off SSH-Proxy 2 PUM Admin 4 * Note: zero impact, no 5 PUM software agent installed Framework Privileged User Manager’s components 1. Help Desk accesses the PUM Jump-Off box pool 2. Jump-Off authenticates to PUM 3. SSH-Proxy communicates to POS devices (trusted SSH session) 4. Commands via keystroke are recorded and audited 5. PUM Admin authorizes events and reviews risks 30 © Novell, Inc. All rights reserved.
  • 31. Novell Privileged User Manager ® SSH Access via ‘Jump Box’ Provide the accountable access via SSH Secure and manage all outbound access to corporate POS machines through ‘Jump-Off’ proxies Reduced cost to associate every POS endpoint Avoided impact to all POS endpoints Audit all access to POS endpoints through Command Control which feeds into Compliance Auditor 31 © Novell, Inc. All rights reserved.
  • 33. You Need Privileged User Management • Critical Apps on Linux / UNIX 33 © Novell, Inc. All rights reserved.
  • 34. You Need Privileged User Management • Critical Apps on Linux / UNIX • Linux / Unix Server 34 © Novell, Inc. All rights reserved.
  • 35. You Need Privileged User Management • Critical Apps on Linux / UNIX • Linux / Unix Server • Verify and Audit actions 35 © Novell, Inc. All rights reserved.
  • 36. You Need Privileged User Management • Critical Apps on Linux / UNIX • Linux / Unix Server • Verify and Audit actions • Admin credential proliferation 36 © Novell, Inc. All rights reserved.
  • 37. Novell Privileged User Manager ® • Control user access to root accounts • Audit all user activity with 100% keystroke logging • Analyze potential threats based on policy-based risk ratings • Simplify audit reporting with the most relevant, context- based information • Support compliance with internal policies and external regulations 37 © Novell, Inc. All rights reserved.
  • 38. Customers Include: 38 © Novell, Inc. All rights reserved.
  • 39.
  • 40. Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.