Read accesscheck_CAT_E_1 text version

Agentless Access Management Tool

Strong support for internal controls using a highly realistic, cost-effective system

Agentless Access Management Tool

Now is the time for an effective control environment, with access control of privileged IDs. Practical steps are available now against immediate and significant risk!

General IT control is an essential part of internal control. Taking effective control of information systems requires above all a firm grip on access management. The recent spate of information leaks due to improper use of the privileged IDs of system administrators clearly reveals that inadequate access management represents a critical flaw. But when it comes to implementing measures separately for each server, the costs and lead time, the impact on production and the burden of maintenance are major obstacles that result in measures being delayed. To ensure that systems are operated securely and to handle the growing number of servers flexibly requires a highly cost-effective and realistic system, now more than ever.

When? Who?

The SecureCube / Access Check Workflow

A well-balanced combination of preventive control and detective control prevents malicious use of privileges and maintains a sound information system and business workflow.

System administrators & developers System administrator (authorizer)

1Access request 2Request notification e-mail

Request window Authorizer

Preventive control

Production environment

3Access approval / rejection

4Approval / rejection notification e-mail 5Access control

Developer

Logs

Before

Which server?

Log management for each server

6Logging and searching 7Log monitoring

Limitations of current access control

Costs and work balloon as the number of servers and clients increase

System administrators

Detective control

Ensures safe operation

Access is open to anyone

Each server has a separate log

If privileged IDs are shared, it's difficult to reissue personal IDs for all servers Separate access control for developers and administrators is hard to achieve

The Main Functions of SecureCube / Access Check Preventive control

Access request & approval function

Achieve segregation of duties required for system operation

Restrict users permitted access with the access request & approval function. When a user submits a request, a request notification e-mail is sent to the administrator who can control approval and rejection from the approval window. This establishes the segregation of duties critical for internal controls and achieves efficiency, whether for paper or e-mail-based operations. A complete history of requests and approvals is recorded, leaving a useful audit trail. Controls can be set for each protocol according to the requirements. You can set levels for requests and approvals such as "Accessible at any time", "Prior request required", or "Prior request and approval required". An emergency port can be used without approval from an administrator.

Which PC? Which IP? Developers & administrators

Shared privileged IDs & passwords

Servers

Log management for each server

Cross-checking access logs takes enormous time and effort Confusing access control settings for each server and client

What did they do?

Proposal from NRI SecureTechnologies

Agentless is the key! Build a highly cost-effective audit system in a month at the earliest.

Access control functions

Eliminate unauthorized access with granular settings

Request window

After

Best practices for access control derived from the experience of frontline system managers

A key feature of the agentless access management tool SecureCube / Access Check is that it can be deployed without affecting existing systems. In addition, since individuals can be identified using a SecureCube / Access Check ID, there is no need to is sue an ID to each developer and administrator on every server. Just by installing it between the servers and clients, you can achieve strong access controls, as well as the ability to monitor who, when, from which PC, with which protocol, which server was accessed, and what was done.

Servers

You can specify the IP addresses of clients that are allowed access for each protocol, or the IP addresses of servers that allow connections from each client IP address. In addition, granular settings enable control through user authentication and restrictions on the IP address request window for two-way connections for each user ID.

Detective control

Logging and search function

Identify improper operations quickly from extensive logs

The history of all operations is recorded. You can keep summary logs and full-text logs, even for encrypted communications such as SSH and HTTPS. In addition, you can enter conditions from the search window, and easily cross-check the displayed logs for the content of requests and for actual operations performed.

Central management of personal IDs and logs

Access logs

Access management Log management Access control

Developers & administrators

Access log monitoring function

Support for prompt action towards strengthening internal controls

Besides getting notification in real time of when users start and end access, administrators also get statistical records of access. You can view and print detailed reports. In addition, the function for reporting suspicious data allows you to spot types of access that need to be monitored. It also makes creating audit documentation more efficient. The keyword matching function for TELNET/SSH provides a powerful tool for auditing. By entering search keywords according to the content of requests, administrators can be notified automatically when a keyword is found in an operation log.

Supports both Unix and Windows servers

SecureCube / Access Check enables access control for all communications, irrespective of the server operating system.

UNIX system access relay function

Communication with Unix servers (TELNET, FTP, HTTP, SSH, HTTPS and other protocols) is via SecureCube / Access Check, allowing access control and logging.

Windows system access relay function

Access to Windows servers using Remote Desktop Connection (RDP) and file transfers to Windows servers (file sharing) is via SecureCube / Access Check, allowing access control and logging. The RDP relay function saves all operation logs in a movie format that can be viewed with any media software. The file sharing (CIFS) relay function enables control of downloading, drag and drop and so on, and logging of operations.

Regressive review of requests and operations is possible

Agentless Access Management Tool

List of Supported Protocols

The combination of access control and logging that can be configured for each protocol is as follows.

Access control Protocol

TELNET FTP HTTP Other TCP protocols Encrypted communication Windows SSH HTTPS RDP CIFS

2

Control using source IP addresses

Control using target IP addresses

Authorization by user ID & source / target IP control

Access request & approval linkage

Logging

Full-text logs Summary logs

URL regulation

(Authentication only) 1

URL regulation

(Authentication only)

3

4

Folder regulation

1 Some logs may be a binary. 2 RDP: Remote Desktop Protocol 3 Keeps video logs and keyboard logs. 4 CIFS (Common Internet File System): Windows file sharing connection protocol

SecureCube / Access Check Operating Environment

The SecureCube / Access operating environment and supported languages are as follows. English and Japanese are supported. In addition, it can also be provided as image files running on VMWare.

Supported operating system Recommended hardware Red Hat Enterprise Linux 5 Server Hardware running the operating system above CPU: 2.5 GHz or higher Memory: 2 GB or more (When using Windows options, it may be necessary to add more memory depending on frequency of use and the operations performed) HDD: 146 GB RAID 1 (SCSI or SAS) or better

In the environment above, it is necessary to have two servers in a main and standby configuration

Supported languages

Japanese and English

Extensive record of deployment in mission-critical areas

SecureCube / Access Check is highly regarded as a solution providing access control for protecting critical systems. It is deployed at more than 100 companies running mission-critical systems, including major financial institutions, manufacturers and distributors. SecureCube / Access Check Case Study

Installed as a gateway to approximately 100 production environment servers

With constantly burgeoning information systems, a client who wanted to strengthen internal controls discovered the limits of security managed by hand at the individual server level, and took the decision to deploy SecureCube / Access Check. The system was installed between the PCs used by developers and administrators, and the production environment servers. With the system functioning as a gateway for access from each PC to each server, the client successfully achieved integrated access management in just one and half months without even touching the farm of around 100 servers.

User restrictions

User registration User PC registration Registration of server accessed

Operations Management Department

Check the daily report next morning Report improper access to management

Restricted time of use

Request for time of use Request for purpose of use

Access Log Access management management control

Manager

Developers & administrators

Request content check Access log monitoring

Servers

Benefits

Achieved internal control by strengthening the security of access to the server farm Achieved an efficient and effective access management environment at far lower cost than the initial budget Significantly improved the efficiency of operations management through automation and centralization, eliminating the dependence on human intervention

Shiodome City Center, 1-5-2 Higashi-Shimbashi Minato-ku, Tokyo Japan 105-7113 Phone: +81-3-6274-1011 Fax: +81-3-6274-1099 Web site: www.nri-secure.co.jp Email: [email protected]

* NRI, the NRI logo, NRI SecureTechnologies, SecureCube, and the SecureCube logo are the trademarks or registered trademarks of Nomura Research Institute. * All company names, product names, and logos shown in this catalog are the trademarks or registered trademarks of their respective companies in Japan or other countries. * The contents of this catalog may change without notice. Copyright © 2010-2011 NRI SecureTechnologies, Ltd. All rights reserved.

9225-0005-01-1101e

Information

accesscheck_CAT_E_1

3 pages

Find more like this

Report File (DMCA)

Our content is added by our users. We aim to remove reported files within 1 working day. Please use this link to notify us:

Report this file as copyright or inappropriate

933371


You might also be interested in

BETA
CIT_Trouble_G_uk_09-05.qxd
The Zachman Framework