1 secure Agent Secure Enterprise Solutions Product Overview The IDG 9074 Remote Access Controller 2448 E. 81 st St, Ste 2000 Tulsa OK USA Tel: Fax:
2 2 Security requirements for open systems Access the root of the problem In support of business objectives, today s IT environment is an increasingly heterogeneous mix of hosts, servers, and operating systems, which can cause problems for IT systems administrators. For mainframes, administrators need access at the system level, while for UNIX and Linux systems, they need root access. A person with root access has total control of the system both unintended mistakes and deliberate maliciousness can cause catastrophic interruptions in system availability and business continuity (or even survival), therefore, such access is not to be granted lightly. The concerns inherent in granting root access on UNIX and Linux systems are magnified as the computers are distributed geographically (for example, a production data center in one location and the associated disaster recovery site in another) or as the number of systems increases. Granting root access to a particular user transfers control of that system from the central security administrator to a wider and, therefore, more vulnerable user environment, putting the entire enterprise at risk. Increasingly valuable data and a corresponding growth in data intrusions have forced network security professionals to reevaluate the practice. An overall shift toward securing access to corporate data and systems sharpens the focus on this critical issue. As a result, the standard practice of providing root access based solely on operational requirements is coming under increasing scrutiny. Its vulnerabilities have recently been questioned by internal security auditors and by external regulatory agencies. Out of many discussions with COOs, CIOs and Security Officers, the following requirements for open system servers emerged: Secure access to root level with a user ID and password known only to the authorized individual; that is, no blanket access with a global password Audit logs for root-level access and activity Role-based access controls (RBAC), so a user only can access a server based on his or her job function Central administration of all access controls and for all locations, including backup, disaster recovery, and archive sites so administrative tasks only have to be done once Issue alerts if attacks are detected or a defined number of unaccepted accesses are counted Encryption of the entire data transfer to ensure security
3 3 Problem solved IDG 9074 Remote Access Controller Now such requirements (and many other functions) are integrated in the IDG 9074 Remote Access Controller. The figure below shows a typical installation. Security Administrator Defines user groups. Assigns access rights. UNIX, Linux, or Other Open Systems Servers TCP/IP IDG 9074 Remote Access Controller Functions Filters Alerts Secures Logs TCP/IP Internal Network The IDG 9074 Remote Access Controller is an integrated hardware/software solution that supports customers needs and smoothly integrates into their existing infrastructures. In addition to a primary IDG 9074 Remote Access Controller, secondary Remote Access Controllers may be used as defined by customer requirements, access-load balancing, and to ensure redundancy (particularly at remote locations such as backup, archival, or disaster recovery sites). Features of the IDG 9074 Remote Access Controller We designed the IDG 9074 Remote Access Controller to be transparent in use and with features that make configuration and maintenance quick and easy and that provide state-of-the-art security, even for remote locations. Role-based access controls Using the included GUI administration program, you can easily set up user groups and assign access privileges to them. Equally important, if group membership changes, you can easily add or remove users, and do so from a central location, avoiding the time and expense of travel to remote locations or dealing with individual user systems. s patented authentication logon protocol ensures only authorized users have access. Combined with role-based access controls, it assures that those who actually access a system should have access, even from remote locations. Our logon protocol helps prevent attacks not only by outsiders, but also
4 4 by negligent or malicious insiders. It is currently in use in many of the world s largest data centers. Encryption of all communications between the IDG 9074 Remote Access Controller and clients ensures security of the data stream. All data is transmitted using our industry-proven, advanced encryption technology, and our patented, centralized key-management strategy. Access and activity logs provide auditability. Unauthorized personnel cannot access log files, assuring proof of regulatory compliance. Easy-to-use GUI-based administration program means you can configure and maintain the IDG 9074 Remote Access Controller quickly and easily from one central location even remotely, so in the event of problems, travel and downtime are minimized. Secure remote access means disaster recovery plans can be supported and maintained from any location. Our patent-pending Instant Replay feature presents a scrollable history window showing a keystroke-by-keystroke recall of a particular connection. As the associated console emulation updates itself, Instant Replay captures refreshed screens and saves them in memory. It helps reduce downtime you can see what actually occurred, down to the keystroke level, and quickly take corrective action, even from remote locations. Instant Replay is also useful in training. Secure Telnet clients included at no additional charge. Connections can also be made through SSH or SSH2. Includes easy-to-use REXX programming language that allows quick automation of operating system command sequences without extensive prior programming experience. Provides security administrators with an over-the shoulder view of operators with root access without the operators knowledge, allowing for real-time, proactive monitoring, even of multiple consoles simultaneously. The IDG 9074 Remote Access Controller is an out-of-the-box solution that installs quickly and does not require intensive training of security administrators. The IDG 9074 Remote Access Controller can connect to multiple UNIX servers. An alternate IDG 9074 can provide redundancy. The combination of a primary and alternate is far more affordable than other solutions priced on the basis of an entire server farm. About has been helping customers protect and manage sensitive data for more than 20 years. Many of the largest companies across the United States and throughout Europe use SecureAgent products in mission-critical areas of their daily operations. The Company develops both software and hardware products that play an integral role in
5 5 secure remote console access, data backup and recovery, advanced automation, integrated tape management, and disaster recovery. is a pioneer in the implementation of role-based access controls, and both commercial customers and the governmental sector use its products extensively to comply with evolving regulatory guidance. Among the companies using products are three of the four largest US banks, two of the largest credit card processing companies, the nation s two largest communications companies, the world s largest stock exchange, the largest US airline, and the largest airline reservations companies in the US and Europe. For additional information, please contact: 2448 East 81 st Street, Suite 2000 Tulsa, OK Voice: Fax: Toll-free: IDG 9074 is a registered trademark and Remote Access Controller is a trademark of.
Storage Guardian Remote Backup Restore and Archive Services Storage Guardian is the unique alternative to traditional backup methods, replacing conventional tapebased backup systems with a fully automated,
BEST PRACTICES: EVENT LOG MANAGEMENT FOR SECURITY AND COMPLIANCE INITIATIVES IN THE EUROPEAN UNION By Ipswitch, Inc. Network Managment Division www.whatsupgold.com July 2010 Table of Contents Executive
Securing Microsoft s Cloud Infrastructure This paper introduces the reader to the Online Services Security and Compliance team, a part of the Global Foundation Services division who manages security for
Microsoft Corporation and HP Using Network Attached Storage for Reliable Backup and Recovery Microsoft Corporation Published: March 2010 Abstract Tape-based backup and restore technology has for decades
WHITE PAPER Security Solutions The Identity and Access Management Imperative: Securing the Extended Enterprise Introduction For nearly three years, a junior trader allegedly used stolen passwords and insider
AT&T Synaptic Hosting SM Service Security Overview A Look at AT&T s Protective Measures to Enable Your Business Success AT&T follows high security standards to help protect customers from the risks and
Event Log Management & Compliance Best Practices: For Government & Healthcare Industry Sectors By Ipswitch, Inc. Network Managment Division www.whatsupgold.com September 2010 Table of Contents Compliance
Best Practices Guide McAfee epolicy Orchestrator for use with epolicy Orchestrator versions 4.5.0 and 4.0.0 COPYRIGHT Copyright 2011 McAfee, Inc. All Rights Reserved. No part of this publication may be
IBM Connections White Paper September 2014 IBM Connections Cloud Security 2 IBM Connections Cloud Security Contents 3 Introduction 4 Security-rich Infrastructure 6 Policy Enforcement Points Provide Application
Solution in Detail NetWeaver Business-Driven, Compliant Identity Table of Contents 3 Quick Facts 4 Business Challenges Identity for the User Lifecycle 5 The Solution Supporting a Heterogeneous IT Landscape
Agentless Security for VMware Virtual Data Centers and Cloud Trend Micro Deep Security VMware Global Technology Alliance Partner Trend Micro, Incorporated» This white paper reviews the challenges of applying
A Trend Micro White Paper April 2014 PCI DSS 3.0 Compliance How Trend Micro Cloud and Data Center Security Solutions Can Help INTRODUCTION Merchants and service providers that process credit card payments
Why cloud backup? Top 10 reasons HP Autonomy solutions Table of contents 3 Achieve disaster recovery with secure offsite cloud backup 4 Free yourself from manual and complex tape backup tasks 4 Get predictable
In this White Paper Connectivity is good. Secure connectivity is essential. This white paper by Thales UK explains how Thales Gateway Services protect the exchange of data across security domains. It discusses
Privileged Identity Management An Executive Overview Privileged Identity Management Contents What You Need to Know................................................... 3 Privileged Identities Explained............................................
BEST PRACTICES: EVENT LOG MANAGEMENT FOR SECURITY AND COMPLIANCE INITIATIVES By Ipswitch, Inc. Network Managment Division www.whatsupgold.com July 2010 Table of Contents Executive Summary... 1 Event Log
SOLUTION BRIEF: SYMANTEC NETBACKUP........................................ Delivering a New Level of Data Protection Resiliency with Appliances Who should read this paper - Directors of IT and IT Managers
Continuous Compliance for Energy and Nuclear Facility Cyber Security Regulations Leveraging Configuration and Vulnerability Analysis for Critical Assets and Infrastructure May 2015 (Revision 2) Table of
The Critical Security Controls for Effective Cyber Defense Version 5.0 1 Introduction... 3 CSC 1: Inventory of Authorized and Unauthorized Devices... 8 CSC 2: Inventory of Authorized and Unauthorized Software...
RSA Authentication Manager 8.1 Planning Guide Revision 1 Contact Information Go to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm Trademarks
January 2013 Page 1 This paper describes the system philosophy and guidelines for keeping your DeltaV System secure from Cyber attacks. www.deltav.com January 2013 Page 2 Table of Contents Introduction...
Protect what you value. Virtualization and Risk: Key Security Considerations for Your Enterprise Architecture Taking a structured and systematic view of the impact of hardware virtualization on IT risk
The Definitive Guide tm To Cloud Computing Ch apter 10: Key Steps in Establishing Enterprise Cloud Computing Services... 185 Ali gning Business Drivers with Cloud Services... 187 Un derstanding Business