Quest One Privileged Account Appliance
|
|
- Lenard O’Brien’
- 8 years ago
- Views:
Transcription
1 Quest One Privileged Account Appliance Security Architecture Written By Quest Software, Inc.
2 Contents Abstract... 2 Introduction... 3 Enhanced Privileged Account Management with Quest One... 3 About this Document... 3 Layers of Protection in the Quest One Privileged Account Appliance... 4 Appliance Hardening... 4 Operating System Hardening... 4 Application Protection Techniques... 5 Certificates, Keys and Key Management... 5 Backup Protection... 7 Security for Patches and Software Updates... 7 About Quest One Identity Solutions
3 Abstract This document describes the security architecture of the Quest One Privileged Account Appliance, developed by e-dmz and now part of the Quest One Identity Solutions. 2
4 Introduction Enhanced Privileged Account Management with Quest One Quest One Identity Solutions deliver privileged account management by providing powerful tools that delegate access to exactly what an administrator should be allowed to access nothing more, nothing less eliminating the keys to the kingdom problem. Previously, this included privileged account management for AD and Unix/Linux administrators only. Quest s recent acquisition of e-dmz Security LLC, however, as enabled Quest One to extend privileged account management to Windows, applications, and even mainframes, with the addition of the Quest One Privileged Account Appliance, formerly known as eguardpost and PAR. The Quest One Privileged Account Appliance offers integrated modules designed specifically to meet the compliance and security requirements associated with privileged identity management and privileged access control: Privileged Password Manager Enables secure storage, release control, and change control of privileged passwords across a heterogeneous deployment of systems and applications. Privileged Password Manager also replaces embedded passwords that are hardcoded in scripts, procedures and programs with simple CLI/API calls. Privileged Session Manager Offers control, auditing, and replay of sessions of high risk users, including administrator and remote vendors. Privileged Command Manager Provides the ability to granularly delegate user access to specific programs, tasks and commands across both Windows and Unix/Linux hosts. Privileged Command Manager is an add-on module to Privileged Session Manager. About this Document The appliance uses multiple defense mechanisms to thwart potential attacks and security breaches. This document describes the layers of protection employed in the Quest One Privileged Account Appliance. 3
5 Layers of Protection in the Quest One Privileged Account Appliance Appliance Hardening The Quest One Privileged Account Appliance outermost layer of protection consists of measures to protect the physical appliance itself. These measures include the following: Full disk encryption with pre-boot authentication The hard drive for the appliance is protected via full disk encryption (AES-256) provided by Guardian Edge s Encryption Plus Hard Disk. This ensures that even if the appliance is lost or stolen, the disk cannot be accessed outside the appliance. The pre-boot authentication prevents attempts to remotely mount the drive to bypass access controls, since the device remains locked until the boot process is complete, at which time all internal controls are enabled. Firewall Appliances are protected via an internal firewall. The firewall provides packet inspection and filtering and is configured with the following rules: HTTPS (443/tcp) is permitted inbound. Optional HTTPS over port 8443 may be user-enabled for remote access to the appliance configuration interface. SSH2 (22/tcp) is permitted inbound to PAR for CLI/API access. Connections from the appliance and their responses are permitted. Other traffic directed to the appliance is dropped with the details recorded in the firewall log in the application. Operating System Hardening The next layer of protection involves hardening the operating system and system-level software, such as the internal database management system (DBMS). These measures include the following: Prevent console access and restrict network access Console access is not permitted by any user. A large percentage of security breaches are accomplished by convincing a privileged user to access a malicious web site or open an infected file; preventing access to underlying operating system completely mitigates these risks. Disable or remove unused services Any services that are not specifically required by the appliance are disabled or removed, which tremendously reduces potential attack vectors. Some of the most frequently exploited services that are disabled are the server service, terminal services, remote administration, routing, and remote access. While the appliance runs on a server operating system, it does that act as a server in any way except to perform its dedicated purpose. Disable or remove unused programs and operating system components All unnecessary operating system components or applications are removed or disabled. Examples include disabling all unused Internet Information Service components and removing all client software. Implement highly restrictive ACLs Access control lists (ACLs) throughout the file system ensure that no individual can gain access to any sensitive file for which they have not been specifically granted access. This measure helps to ensure that and error or oversight in an application or web page will not allow and 4
6 authenticated user (non-authenticated users have no access to anything) to retrieve information that they are not authorized to access. Use Local Security Policy As a starting point, the appliances are configured following best practices for Local Security Policy settings, and then are extended to further restrict and remove any authority that is not required for the appliance s dedicated purpose. Application Protection Techniques Further protection comes from the following application protection techniques: Web server security The Web server is secured in accordance with Microsoft s guidelines for IIS security, and then further hardened by disabling unnecessary services, even though the firewall assures that these services are unavailable. Access to the Web server permitted via HTTPS only, ensuring that no clear text information is ever communicated between the appliance and a client across the network. Database security Communication between the Web application and the database is secured by permitting the execution of the pre-compiled stored procedures only to the appropriate operating system groups. There is no access whatsoever to the underlying database structures or data, and the stored procedure parameters are validated upon execution. This eliminates and possibility of SQL injection exploits. Additional validation is performed within ever stored procedure to ensure that the user is authorized to access the specific data or perform the specific action in the request. Service broker architecture The appliance employs a service broker architecture to perform the various tasks, such as decrypting a password or changing the password on a remote system. This architecture ensures that the users have no ability to perform any tasks or access any sensitive data outside of the application. Instead, the user submits a request for an action to be performed, and after confirming that that user is permitted to request that action against the specific object, the broker will perform the task and return the results to the user. Protection of passwords Passwords for managed systems and accounts reside in tables in the database, but are never stored as clear text. Instead they are AES-256 encrypted before storage, and the key used for this encryption is an x.509 certificate that is not accessible to users in any way. (This is discussed in further detail in the next section.) Since no unencrypted password information, nor any of the keys used to encrypt or decrypt the password, are stored in the appliance, no additional encryption (beyond the full disk encryption) of the database data files is performed. File system ACLs however, do protect the files from access by unauthorized individuals. Certificates, Keys and Key Management The Quest One Privileged Account Appliance stores, manages and uses numerous keys and certificates for protecting application components and communicating to external devices. Protection of these components fall within the measures described above but merits the following additional discussion: SSH private keys The appliance components use SSH and SCP extensively, whether it is to communicate with a partner appliance in a high availability environment; to transfer backups, data extracts, or session logs to a remote storage location; or to communicate with a managed system to perform password management tasks. 5
7 These key pairs are OpenSSH-format, 1024-bit DSA keys that are typically generated inside the appliance. The only private keys that can be imported are for managing systems. Our recommendation is NOT to do this, but to let the appliance generate the key pairs instead. This way, only the appliance has access to the private key, with no means for anyone to gain access to them. This option exists for companies whose policy dictates that the private key must be escrowed at some other location. In that case, we will generate public keys based on the imported private key. If this is successful, then the public key for the uploaded private key is made available for download from the appliance. Private keys are placed into and ACL protected folder on the encrypted hard disk and are accessible only to the internal account. The appliances allow the creation of multiple system-wide key pairs with configurable start and end dates or a single key pair for every system. The use of system-wide keys allow for greatly simplified deployment and facilitates key rotation, whereas the use of system-specific keys greatly reduces the exposure of a key that becomes compromised. Encryption keys In most cases, an X.509 certificate is used as the key for encryption. The exception to this rule is for encryption of the session recording logs, which are stored outside of the database. For these session logs, a unique, random, strong password is used as the key for encryption and is stored in the database. This facilitates recording and replay of recorded sessions through Distributed Processing Appliances (DPAs). Certificates Certificates are used for several purposes: Web server certificates (HTTPS) Two SSL certificates exist for the distinct Web servers on the appliances. The first is for the standard application interface. This can and should be changed at initial install, and then changed periodically based on internal company policy. The second is for the configuration interface. At present, this certificate cannot be changed, because 1) access to the configuration interface can be limited to a crossover connection to the configuration port of the appliance only, and 2) a failure to update this certificate correctly would completely disable the configuration interface, potentially making the appliance unreachable and irreparable. A planned enhancement will soon remove this restriction. Encryption keys Several different X.509 v3 certificates are used for encrypting and decrypting files or data on the appliance. These certificates are stored in the personal key store of an internal account and protected by Microsoft DPAPI; that is, the master key for the store is encrypted using a hash of the current password for the account and can be updated only via a change password, which decrypts the master key with the old password hash and then re-encrypts with the new password hash. If a forced password change occurs, the key trail is permanently destroyed. The master password can be rotated at any time by the customer by performing a Reset Internal Password command from the System Configuration interface of the application, which resets the internal password for this account to a randomly generated strong password, and as a result, resets the DPAPI master key. For mutual certificate authentication between a Privileged Account Appliance and a Virtual Cache Appliance Communication with a Virtual Cache Appliance is performed by consuming or invoking secure Web services, and certificates are used for bi-directional authentication. 6
8 Backup Protection A backup is an archive of the application components and data files, including the databases, keys, user account databases, and web server settings. This archive is AES-256 encrypted with a X.509 certificate dedicated for internal operations, and protected as described in the preceding section, Certificates, Keys, and Key Management. This X.509 certificate exists on all Quest One Privileged Account Appliance devices, since it is what enables us to send a replacement appliance on which you could restore a previous backup to recover all data from a failed appliance. This of course means that a backup from one customer could be restored onto another customer's appliance; however, it would be unusable without knowledge of valid usernames and passwords to gain access to it. To provide added protection, the backup can optionally be encrypted a second time using a customer-supplied password as the key, ensuring that it can be restored only by people with the knowledge of that password. This additional encryption is highly recommended. Security for Patches and Software Updates The only way to apply code changes such as an application update, license change, or an operating system security patch to an application is via a patch provided by Quest Software. These patches are a proprietary format, are AES-256 encrypted using an X.509 certificate as the key, and are further authenticated by the use of a patch key that is uniquely generated based on both hardware and software attributes of the appliance. This ensures that only patches that come from Quest can be applied to an appliance. 7
9 About Quest One Identity Solutions Quest One Identity Solutions reduce the complexity, cost and risk of managing identities and controlling access to increase your compliance, security and efficiency. Our modular yet integrated approach features a broad portfolio of award-winning solutions that simplify access governance, user activity monitoring, privileged account management and identity administration. Unlike traditional framework solutions, Quest One provides granular enforcement across heterogeneous systems with 360-degree business visibility and incredibly rapid time to value! Whether you are starting from scratch, already have an identity and access management solution or need to address specific IAM objectives on a single system or platform, Quest One enables you to do it more simply and affordably than you can imagine. Learn more about the solutions that earned SC Magazine s highest five-star RECOMMENDED rating by visiting 8
10 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains proprietary information protected by copyright. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording for any purpose without the written permission of Quest Software, Inc. ( Quest ). The information in this document is provided in connection with Quest products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of Quest products. EXCEPT AS SET FORTH IN QUEST'S TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, QUEST ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL QUEST BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF QUEST HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Quest makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice. Quest does not make any commitment to update the information contained in this document. If you have any questions regarding your potential use of this material, contact: Quest Software World Headquarters LEGAL Dept 5 Polaris Way Aliso Viejo, CA legal@quest.com Refer to our Web site for regional and international office information. Trademarks Quest, Quest Software, the Quest Software logo, AccessManager, ActiveRoles, Aelita, Akonix, AppAssure, Benchmark Factory, Big Brother, BridgeAccess, BridgeAutoEscalate, BridgeSearch, BridgeTrak, BusinessInsight, ChangeAuditor, ChangeManager, Defender, DeployDirector, Desktop Authority, DirectoryAnalyzer, DirectoryTroubleshooter, DS Analyzer, DS Expert, Foglight, GPOADmin, Help Desk Authority, Imceda, IntelliProfile, InTrust, Invirtus, itoken, I/Watch, JClass, Jint, JProbe, LeccoTech, LiteSpeed, LiveReorg, LogADmin, MessageStats, Monosphere, MultSess, NBSpool, NetBase, NetControl, Npulse, NetPro, PassGo, PerformaSure, Point,Click,Done!, PowerGUI, Quest Central, Quest vtoolkit, Quest vworkspace, ReportADmin, RestoreADmin, ScriptLogic, Security Lifecycle Map, SelfServiceADmin, SharePlex, Sitraka, SmartAlarm, Spotlight, SQL Navigator, SQL Watch, SQLab, Stat, StealthCollect, Storage Horizon, Tag and Follow, Toad, T.O.A.D., Toad World, vautomator, vcontrol, vconverter, vfoglight, voptimizer, vranger, Vintela, Virtual DBA, VizionCore, Vizioncore vautomation Suite, Vizioncore vbackup, Vizioncore vessentials, Vizioncore vmigrator, Vizioncore vreplicator, WebDefender, Webthority, Xaffire, and XRT are trademarks and registered trademarks of Quest Software, Inc in the United States of America and other countries. Other trademarks and registered trademarks used in this guide are property of their respective owners. Updated [September, 2011] 9
11 About Quest Software, Inc. Quest Software (Nasdaq: QSFT) simplifies and reduces the cost of managing IT for more than 100,000 customers worldwide. Our innovative solutions make solving the toughest IT management problems easier, enabling customers to save time and money across physical, virtual and cloud environments. For more information about Quest solutions for administration and automation, data protection, development and optimization, identity and access management, migration and consolidation, and performance monitoring, go to Contacting Quest Software PHONE (United States and Canada) If you are located outside North America, you can find your local office information on our Web site. MAIL Quest Software, Inc. World Headquarters 5 Polaris Way Aliso Viejo, CA USA Contacting Quest Support Quest Support is available to customers who have a trial version of a Quest product or who have purchased a commercial version and have a valid maintenance contract. Quest Support provides around-the-clock coverage with SupportLink, our Web self-service. Visit SupportLink at SupportLink gives users of Quest Software products the ability to: Search Quest s online Knowledgebase Download the latest releases, documentation and patches for Quest products Log support cases Manage existing support cases View the Global Support Guide for a detailed explanation of support programs, online services, contact information and policies and procedures. TBW-Q1P-AccAppliance-US-SW-BODY
An Introduction to Toad Extension for Visual Studio. Written By Thomas Klughardt Systems Consultant Quest Software, Inc.
An Introduction to Toad Extension for Visual Studio Written By Thomas Klughardt Systems Consultant Quest Software, Inc. Contents Introduction... 2 Installation... 3 Creating Projects... 4 Working with
More information10.2. Auditing Cisco PIX Firewall with Quest InTrust
10.2 Auditing Cisco PIX Firewall with Quest InTrust 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide
More informationDirect Migration from SharePoint 2003 to SharePoint 2010
Direct Migration from SharePoint 2003 to SharePoint 2010 It s Easy with Quest Migration Manager for SharePoint Written By Alexander Kirillov, Quest Software TECHNICAL BRIEF 2010 Quest Software, Inc. ALL
More informationSecure and Efficient Log Management with Quest OnDemand
Secure and Efficient Log Management with Quest OnDemand TECHNICAL BRIEF 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains proprietary information protected by copyright. No part of
More informationMigrating Your Applications to the Cloud
Migrating Your Applications to the Cloud How to Overcome the Challenges and Reduce the Costs Written By Quest Software, Inc. Contents Abstract... 2 Introduction... 3 What is the Cloud?... 3 Current and
More informationGo Beyond Basic Up/Down Monitoring
Go Beyond Basic Up/Down Monitoring Extending the Value of SCOM with Spotlight on SQL Server Enterprise and Foglight Performance Analysis for SQL Server Introduction Microsoft Systems Center Operations
More informationTaking Unix Identity and Access Management to the Next Level
Taking Unix Identity and Access Management to the Next Level Now that you ve taken care of local users and groups what s next? Written by Quest Software, Inc. TECHNICAL BRIEF 2010 Quest Software, Inc.
More informationEight Best Practices for Identity and Access Management
Eight Best Practices for Identity and Access Management BUSINESS BRIEF 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains proprietary information protected by copyright. No part of this
More informationUsing Stat with Custom Applications
Using Stat with Custom Applications Written by Quest Software Inc. TECHNICAL BRIEF 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains proprietary information protected by copyright.
More informationFoglight 5.5.4.5 for SQL Server
Foglight 5.5.4.5 for SQL Server Managing SQL Server Database Systems 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described
More informationQuest Management Agent for Forefront Identity Manager
Quest Management Agent for Forefront Identity Manager Version 1.0 Administrator Guide 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright.
More informationQuest ChangeAuditor 5.0. For Windows File Servers. Events Reference
Quest ChangeAuditor For Windows File Servers 5.0 Events Reference 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described
More informationKey Methods for Managing Complex Database Environments
Key Methods for Managing Complex Database Environments Written by Dave Pearson Senior Project Manager Quest Software, Inc. WHITE PAPER Contents Abstract... 4 Introduction... 5 Balancing Key Business Needs...
More informationToad for Oracle Compatibility with Windows 7 Revealed
Toad for Oracle Compatibility with Windows 7 Revealed Written by John Pocknell Quest Software TECHNICAL BRIEF Contents Contents... 1 Abstract... 2 Introduction... 3 Testing... 4 Possible Issues... 5 Issue
More informationProactive Performance Management for Enterprise Databases
Proactive Performance Management for Enterprise Databases Written by Dave Pearson, Senior Product Manager, Quest Software, Inc. WHITE PAPER 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This document
More informationSix Steps to Achieving Data Access Governance. Written By Quest Software
Six Steps to Achieving Data Access Governance Written By Quest Software Contents Abstract... 2 It s the Wild West Out There... 3 The Problems with Current Practices... 4 Inefficiency... 4 Ineffectiveness...
More informationAn Innovative Approach to SOAP Monitoring. Written By Quest Software
An Innovative Approach to SOAP Monitoring Written By Quest Software Contents Introduction...2 SOAP Overview...3 The SOAP Monitoring Challenge...6 From the Service Consumer Perspective...6 From the Service
More informationHow Password Lifecycle Management Can Save Money and Improve Security
How Password Lifecycle Management Can Save Money and Improve Security by Don Jones Quest Software, Inc. WHITE PAPER 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains proprietary information
More informationThe Active Directory Management and Security You ve Always Dreamed Of
The Active Directory Management and Security You ve Always Dreamed Of Written by Don Jones Co-founder, Concentrated Technology WHITE PAPER 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains
More information2007 Quest Software, Inc. ALL RIGHTS RESERVED. TRADEMARKS. Disclaimer
What s New 6.7 2007 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license
More informationThe Case for Quest One Identity Manager
The Case for Quest One Identity Manager How Four Organizations Simplified and Transformed Identity and Access Management BUSINESS BRIEF 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains
More informationAchieving ISO/IEC 27001 Compliance with Quest One Solutions for Privileged Access. Written By Quest Software, Inc.
Achieving ISO/IEC 27001 Compliance with Quest One Solutions for Privileged Access Written By Quest Software, Inc. Contents Abstract... 2 Introduction... 3 About BS ISO/IEC 27001:2005... 3 About ISO 27001
More informationHow to Use Custom Site Templates and Definitions supporting Corporate look-and-feel
l 10.3 1.0 Installation Auditing and Configuration Microsoft ISA Server Guide How to Use Custom Site Templates and Definitions supporting Corporate look-and-feel 2010 Quest Software, Inc. ALL RIGHTS RESERVED.
More informationFive Tips for Effective Backup and Recovery in Virtual Environments
Five Tips for Effective Backup and Recovery in Virtual Environments Written by Daniel Lord Sr. Product Marketing Manager Quest Software, Inc. WHITE PAPER Contents Abstract... 3 Introduction... 4 Our Five
More informationTop Seven Tips and Tricks for Group Policy in Windows 7
Top Seven Tips and Tricks for Group Policy in Windows 7 Written by Jeremy Moskowitz, Microsoft Group Policy MVP, GPanswers.com WHITE PAPER 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains
More informationEnterprise Single Sign-On 8.0.3
For Internal Use Only Enterprise Single Sign-On 8.0.3 Additional Dedicated Server Instance Copyright 1998-2009 Quest Software and/or its Licensors ALL RIGHTS RESERVED. This publication contains proprietary
More informationDesktop to Cloud. Browser Migration in the Enterprise. Written By Quest Software, Inc.
Desktop to Cloud Browser Migration in the Enterprise Written By Quest Software, Inc. Contents Abstract... 2 Introduction... 3 The Growth of Cloud Computing... 4 The Challenges... 5 Challenges in Migrating
More information6.0. Planning for Capacity in Virtual Environments Reference Guide
6.0 Planning for Capacity in Virtual Environments 2009 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide
More informationHow to Use Custom Site Templates and Definitions supporting Corporate look-and-feel
l 10.3 1.0 Auditing Installation and and Monitoring Configuration Microsoft Guide IIS How to Use Custom Site Templates and Definitions supporting Corporate look-and-feel 2010 Quest Software, Inc. ALL RIGHTS
More informationImage-Based Data Protection: Simply Better Data Protection
Image-Based Data Protection: Simply Better Data Protection Gain Net Savings of $15 for Every $1 Invested in Image-Based Data Protection Technologies Such as Quest vranger Written by Quest Server Virtualization
More informationSharePoint 2010 - Nine Key Features
Nine Key Features of SharePoint 2010 that Simplify SharePoint Administration Written by Joel Oleson Senior Architect Quest Software, Inc. WHITE PAPER 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This
More informationQuest Application Performance Monitoring Implementation Methodology
Quest Application Performance Monitoring Implementation Methodology 02-03-11 1 Contents Contents... 2 Objectives... 3 Quest APM Implementation Phases... 4 Phase I: Business Requirements Assessment... 4
More information8.0. Quick Start Guide
8.0 Quick Start Guide 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software
More informationEnterprise Single Sign-On 8.0.3 Installation and Configuration Guide
Enterprise Single Sign-On 8.0.3 Installation and Configuration Guide Dedicated Directory Replication Copyright 1998-2009 Quest Software and/or its Licensors ALL RIGHTS RESERVED. This publication contains
More informationThe Active Directory Recycle Bin: The End of Third-Party Recovery Tools?
The Active Directory Recycle Bin: The End of Third-Party Recovery Tools? Written by Don Jones Microsoft MVP White Paper 2009 Quest Software, Inc. All rights reserved. This guide contains proprietary information,
More informationAre You Spending More than You Realize on Active Directory Management?
Are You Spending More than You Realize on Active Directory Management? Curbing Costs with Unified AD Management Written By Jeffery D. Hicks Principal Consultant JDH Information Technology Solutions, Inc.
More informationQuest Site Administrator 4.4
Quest Site Administrator 4.4 for SharePoint Product Overview 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information, which is protected by copyright. The software described
More informationQuest Support: vworkspace Troubleshooting Guide. Version 1.0
Quest Support: vworkspace Troubleshooting Guide Version 1.0 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in
More information2010 Quest Software, Inc. ALL RIGHTS RESERVED. Trademarks. Third Party Contributions
4.9 Evaluator Guide 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software
More informationSHAREPOINT 2010. Best Practices for Preparing for SharePoint Migrations. Colin Spence IN FOUR EASY STEPS. Written by
Best Practices for Preparing for SharePoint Migrations Written by SHAREPOINT 2010 Colin Spence IN FOUR EASY STEPS MCP and MCTS in SharePoint, and Partner, Convergent Computing Prepare, Migrate, Manage
More informationProtecting and Auditing Active Directory with Quest Solutions
Protecting and Auditing Active Directory with Quest Solutions Written by Randy Franklin Smith CEO, Monterey Technology Group, Inc. Publisher of UltimateWindowsSecurity.com TECHNICAL BRIEF 2010 Quest Software,
More informationThe Quest Cloud Automation Platform
The Quest Cloud Automation Platform Written by Dave Malcom Vice President and Chief Technologist, Virtualization and Cloud, Quest Software, Inc. BUSINESS BRIEF Contents Abstract... 3 Introduction... 4
More informationEnterprise Single Sign-On. The Holy Grail of Computing
Enterprise Single Sign-On. The Holy Grail of Computing Written by Jackson Shaw Senior Director, Product Management Identity and Access Management, Quest Software Inc. Technical Brief 2009 Quest Software,
More informationA Governance Guide for Hybrid SharePoint Migrations. Written By Chris Beckett Information Systems Architect and SharePoint Solutions Specialist
A Governance Guide for Hybrid SharePoint Migrations Written By Chris Beckett Information Systems Architect and SharePoint Solutions Specialist Contents Abstract... 2 Introduction... 3 Understanding Cloud
More informationExchange 2010 and Your Audit Strategy
Exchange 2010 and Your Audit Strategy Authors Valentine Boiarkine Software Architect, Blade Contributors Jamie Manuel Product Marketing Manager, Quest Software Keith Bick Editor, Blade WHITE PAPER 2010
More informationIT Consolidation in the Public Sector: How to Achieve IT Optimization
IT Consolidation in the Public Sector: How to Achieve IT Optimization Written by Quest Software, Inc. WHITE PAPER 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains proprietary information
More information2009 Quest Software, Inc. ALL RIGHTS RESERVED. Trademarks. Disclaimer
6.5 User Guide 2009 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license
More informationControlling & Managing Super User Access
Controlling & Managing Super User Access A Primer on Privileged Account Management Written by Kris Zupan Chief Architect Quest Software WHITE PAPER 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This document
More information6.5. Web Interface. User Guide
6.5 Web Interface User Guide 2009 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a
More informationBest Practices Guide for IT Governance & Compliance
Best Practices Guide for IT Governance & Compliance Assess, Audit/Alert, and Remediate Written By Quest Software Contents Abstract... 3 Introduction... 4 Key Steps to Maintaining Compliance... 5 Overview...
More informationTop Five Reasons to Choose Toad Over SQL Developer
Top Five Reasons to Choose Toad Over SQL Developer Written By: John Pocknell Senior Product Manager Quest Software Contents Abstract... 2 Introduction... 3 Toad for Oracle... 5 SQL Developer... 7 Top Five
More informationFoglight 5.2.0. Foglight Experience Viewer (FxV) Upgrade Field Guide
Foglight 5.2.0 Foglight Experience Viewer (FxV) 2009 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is
More informationMoving to the Cloud : Best Practices for Migrating from Novell GroupWise to Microsoft Exchange Online Standard
Moving to the Cloud : Best Practices for Migrating from Novell GroupWise to Microsoft Exchange Online Standard Written by Keith Ridings, Product Manager, GroupWise Migration Dan Gauntner, Product Marketing
More informationBest Practices for SharePoint Development and Customization
Best Practices for SharePoint Development and Customization Written By: Mario Fulan, MCM, Account Technology Strategist, Microsoft Ricardo Wilkins, SharePoint Practice Lead, Improving Enterprises Contents
More information8.6 Migrating to Exchange 2010
8.6 Migrating to Exchange 2010 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under
More informationQuest SQL Optimizer 6.5. for SQL Server. Installation Guide
Quest SQL Optimizer for SQL Server 6.5 2008 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished
More information4.0. Offline Folder Wizard. User Guide
4.0 Offline Folder Wizard User Guide Copyright Quest Software, Inc. 2007. All rights reserved. This guide contains proprietary information, which is protected by copyright. The software described in this
More informationDesktop Virtualization: Best Bet for a Dwindling IT Budget?
Desktop Virtualization: Best Bet for a Dwindling IT Budget? Where are the Actual Savings? Written by Quest Software s Desktop Virtualization Group WHITE PAPER Contents Executive Summary... 2 Hardware Savings...
More informationQuest One Password Manager
Quest One Password Manager Version 5.0 Administrator Guide 2013 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this
More informationHow to Use Custom Site Templates and Definitions supporting Corporate look-and-feel
l 10.3 1.0 Auditing Installation and Monitoring and Configuration Microsoft Windows Guide How to Use Custom Site Templates and Definitions supporting Corporate look-and-feel 2010 Quest Software, Inc. ALL
More informationUsing Self Certified SSL Certificates. Paul Fisher. Quest Software. Systems Consultant. Desktop Virtualisation Group
Using Self Certified SSL Certificates Paul Fisher Systems Consultant paul.fisher@quest.com Quest Software Desktop Virtualisation Group Quest Software (UK) Limited Ascot House Maidenhead Office Park Westacott
More informationData Center Consolidation Strategies for the Federal CIO
Data Center Consolidation Strategies for the Federal CIO Written by Quest Software, Inc. WHITE PAPER Contents Abstract... 3 Introduction... 4 The Role of the CIO in Consolidation... 6 Taking the Strategic
More informationBenchmark Factory for Databases 6.5. User Guide
Benchmark Factory for Databases 6.5 User Guide Copyright 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this
More informationFoglight 5.6.4. Managing SQL Server Database Systems Getting Started Guide. for SQL Server
Foglight for SQL Server 5.6.4 Managing SQL Server Database Systems Getting Started Guide 2012 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright.
More informationFoglight. Managing Java EE Systems Supported Platforms and Servers Guide
Foglight Managing Java EE Systems Supported Platforms and Servers Guide 2013 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described
More informationMigrating Lotus Notes Applications to Microsoft Office 365 and SharePoint Online
Migrating Lotus Notes Applications to Microsoft Office 365 and SharePoint Online Author Steve Walch Senior Product Manager Quest Software WHITE PAPER 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This
More informationUnified and Intelligent Identity and Access Management
Unified and Intelligent Identity and Access Management Authors Jackson Shaw Quest Software, Inc. WHITE PAPER 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains proprietary information
More informationFoglight. Foglight for Virtualization, Free Edition 6.5.2. Installation and Configuration Guide
Foglight Foglight for Virtualization, Free Edition 6.5.2 Installation and Configuration Guide 2013 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright.
More information8.0. Forest Edition. Deployment Guide
8.0 Forest Edition Deployment Guide 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished
More informationQuest Solutions for PCI Compliance
Quest Solutions for PCI Compliance Effective Data Access Controls and Data Protection Management for Complying with the Payment Card Industry Data Security Standard Written by Quest Software, Inc. TECH
More informationChoosing the Right Active Directory Bridge Solution
Choosing the Right Active Directory Bridge Solution Written by Quest Software, Inc. WHITE PAPER 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains proprietary information protected by
More informationFoglight for Oracle. Managing Oracle Database Systems Getting Started Guide
Foglight for Oracle Managing Oracle Database Systems Getting Started Guide 2014 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software
More informationDefender Delegated Administration. User Guide
Defender Delegated Administration User Guide 2012 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished
More informationQuest vworkspace Virtual Desktop Extensions for Linux
Quest vworkspace Virtual Desktop Extensions for Linux What s New Version 7.6 2012 Quest Software, Inc. ALL RIGHTS RESERVED. Patents Pending. This guide contains proprietary information protected by copyright.
More informationFoglight 5.6.5.2. Managing SQL Server Database Systems Getting Started Guide. for SQL Server
Foglight for SQL Server 5.6.5.2 Managing SQL Server Database Systems Getting Started Guide 2013 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright.
More informationSystem Requirements and Platform Support Guide
Foglight 5.6.7 System Requirements and Platform Support Guide 2013 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in
More informationAuthentication Services 4.1. Authentication Services Single Sign-on for SAP Integration Guide
Authentication Services 4.1 Authentication Services Single Sign-on for SAP Integration Guide Copyright 2014 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected
More informationformerly Help Desk Authority 9.1.2 Quest Free Network Tools User Manual
formerly Help Desk Authority 9.1.2 Quest Free Network Tools User Manual 2 Contacting Quest Software Email: Mail: Web site: info@quest.com Quest Software, Inc. World Headquarters 5 Polaris Way Aliso Viejo,
More informationQuest ActiveRoles Server
Quest ActiveRoles Server Deployment Best Practices Written by Quest Software, Inc. TECH BRIEF 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains proprietary information protected by
More informationFoglight. Foglight for Virtualization, Enterprise Edition 7.2. Virtual Appliance Installation and Setup Guide
Foglight Foglight for Virtualization, Enterprise Edition 7.2 Virtual Appliance Installation and Setup Guide 2014 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected
More informationData center and cloud management. Enabling data center modernization and IT transformation while simplifying IT management
Data center and cloud management Enabling data center modernization and IT transformation while simplifying IT management 2013 Dell, Inc. ALL RIGHTS RESERVED. This document contains proprietary information
More information2010 Quest Software, Inc. ALL RIGHTS RESERVED. Trademarks. Third Party Contributions
4.9 User Guide 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license
More informationFoglight. Dashboard Support Guide
Foglight Dashboard Support Guide 2013 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under
More informationfor Oracle 7.5.3 User Guide
Quest SQL Optimizer for Oracle 7.5.3 User Guide 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is
More informationQuick Connect Express for Active Directory
Quick Connect Express for Active Directory Version 5.2 Quick Start Guide 2012 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in
More informationQuest ChangeAuditor 4.8
Quest ChangeAuditor 4.8 Migration Guide Copyright Quest Software, Inc. 2009. All rights reserved. This guide contains proprietary information protected by copyright. The software described in this guide
More informationFOR WINDOWS FILE SERVERS
Quest ChangeAuditor FOR WINDOWS FILE SERVERS 5.1 User Guide Copyright Quest Software, Inc. 2010. All rights reserved. This guide contains proprietary information protected by copyright. The software described
More informationQuest Migration Manager 3.2
Quest Migration Manager 3.2 for SharePoint User Guide 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information, which is protected by copyright. The software described
More information2011 Quest Software, Inc. ALL RIGHTS RESERVED. Trademarks. Third Party Contributions
8.0 User Guide 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license
More informationChangeAuditor 5.6. For Windows File Servers Event Reference Guide
ChangeAuditor 5.6 For Windows File Servers Event Reference Guide 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described
More informationMeeting the Challenge of Log Management for Unix and Linux Systems
Meeting the Challenge of Log Management for Unix and Linux Systems Written by Randy Franklin Smith CEO, Monterey Technology Group, Inc. Publisher of UltimateWindowsSecurity.com WHITE PAPER 2010 Quest Software,
More informationDell One Identity Cloud Access Manager 8.0 - How to Configure vworkspace Integration
Dell One Identity Cloud Access Manager 8.0 - How to Configure vworkspace Integration February 2015 This guide describes how to configure Dell One Identity Cloud Access Manager to communicate with a Dell
More informationQuest Collaboration Services 3.6.1. How it Works Guide
Quest Collaboration Services 3.6.1 How it Works Guide 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide
More informationQuest Site Administrator 4.4
Quest Site Administrator 4.4 for SharePoint Quick Start Guide 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information, which is protected by copyright. The software described
More informationWeb Portal Installation Guide 5.0
Web Portal Installation Guide 5.0 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under
More informationChangeAuditor 6.0 For Windows File Servers. Event Reference Guide
ChangeAuditor 6.0 For Windows File Servers Event Reference Guide 2013 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described
More informationTen Things to Look for in a SharePoint Recovery Tool
Ten Things to Look for in a SharePoint Recovery Tool Written by Ilia Sotnikov Product Manager, SharePoint Management Solutions Quest Software, Inc. White Paper Copyright Quest Software, Inc. 2009. All
More informationvranger Version 5.5 Installation and Setup Guide
vranger Version 5.5 Installation and Setup Guide 2012 Vizioncore, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished
More informationExtending Native Active Directory Capabilities to Unix and Linux
Extending Native Active Directory Capabilities to Unix and Linux Quest Authentication Services is the Foundation for an Enterprise-wide, Active Directory-based, Identity Management Strategy Written by
More informationEnterprise Single Sign-On 8.0.3. Getting Started with SSOWatch
Enterprise Single Sign-On 8.0.3 Getting Started with SSOWatch Copyright 1998-2009 Quest Software and/or its Licensors ALL RIGHTS RESERVED. This publication contains proprietary information protected by
More information