Automating and enforcing access controls for privileged administrators
WHAT IS THIS TECHNOLOGY?
Most organizations have accounted for network security threats posed by spyware, hackers, external networks and the Internet, but there is one threat often overlooked: the internal privileged user. Malicious system, network and database administrators using command line/application interfaces within the critical infrastructure can use their knowledge of protocols and tools to leapfrog to unauthorized areas of the network and compromise sensitive information. It has been near impossible to put automated security controls into place, and to automatically test/validate those controls due to the fact that privileged network users are highly skilled, require broad network access and use sophisticated tools.
The Xceedium GateKeeper™ is a government-grade, hardened appliance that allows C-level executives, infrastructure managers and auditors at Fortune 200 organizations and US government agencies to secure their IT environments from malicious system, network and database administrators working with command line and application interfaces within the critical infrastructure from any location, whether internal or external. Leaving no footprint on the network, the GateKeeper centralizes, controls and encrypts connection requests to systems and applications; connections are monitored and reported in real-time, and access and activity violations are remediated in real-time. Entire sessions are logged and recorded for future review to deliver comprehensive reporting capability and ensure regulatory compliance. The GateKeeper integrates with existing enterprise systems such as Citrix, Active Directory and PKI/CAC.
The GateKeeper is exposing the weaknesses in traditional network access control (NAC) technologies, because NAC does not provide security at the server level, leaving a primary attack point vulnerable.
The GateKeeper provides first-to-market, proprietary technology that allows companies to protect critical infrastructure by restricting privileged users to authorized areas only. Its patent-pending LeapFrog Prevention technology monitors and enforces policy at the command line layer and tracks all activities for these users. When a user attempts to open a socket to another device or server on the network using interactive protocols or commands, GateKeeper blocks use of the protocol to prevent “leap-frogging” to other unauthorized devices. GateKeeper also generates comprehensive, ad hoc activity alerts, meeting industry requirements and regulations. LeapFrog Prevention technology is available for Windows, Linux, Solaris and AIX.
A centralized IT operations management platform, the GateKeeper supplies a single browser-based user interface – a master console – for all IT administrators to use when accessing any part of the infrastructure. This interface provides a centralized place to find all authorized access tools that are delivered as browser-based applets, and a single point to flexibly launch all access methods – in-band, out-of-band and power. Administrators work with one-touch control, including simultaneous administration of multiple disjointed data centers. The end result: speedier resolution of IT issues, higher staff productivity, reduced travel costs, and improved service levels.
Xceedium provides an easy way for companies to create and enforce a granular access policy for highly skilled privileged users. It delivers a standardized security model for all privileged users that satisfies compliance controls and reporting requirements. With Xceedium, all privileged user activities and events can be tracked effectively and unobtrusively.
Reduce the risks and vulnerabilities created by privileged users in the enterprise
Cost effective way to deliver access controls for compliance
Provide centralized tracking and reporting for all privileged user activities
Deliver a way for organizations to increase the accountability of privileged users
Secure efficient access for IT administrators
Standardized containment security model
Compartmentalization and separation of activity
Violations control– with real-time alert/prevention at command line levels
Complete audit and reporting capability
Centralized management of IT operations
How it Works:
IT operations platform that allows these users to easily do their jobs
Security policy creation and enforcement
Tracking of all user events and activities for all devices and systems, including keystroke logging and session recording
Reverse Port Tunneling access methodology provides compartmentalization to the port level
Lack of visibility to unauthorized areas of the infrastructure
Leap Frog Prevention
Real time alerting
Comprehensive Tracking and Reporting
End-to-end view of all activity, in one central place, at the source IP address level
User activity is tracked and logged, including the date and time the user logged into a specific device, the access method, the duration of the session is audited and tracked
Detailed audit capabilities that deliver not only keystroke logging but session recording as well
New Features and Capabilities of Xceedium GateKeeper 4.0 (Released January 2008):
LeapFrog Prevention technology: Blocks use of protocols when a user attempts to open a socket to another device or server on the network, to prevent circumvention of authorized access policies.
Command Line Keystroke Logging and Session Recording: Tracks all activity in the data center and remote locations as a single, centralized source for comprehensive reporting, enabling compliance with S-OX, PCI, HIPAA, FISMA, GLBA and other regulations.
Real-Time Violation Alerts and Remediation: All activities of technical users are extensively monitored and logged. Administrators are alerted to any violation attempts in real-time, and repeated violation attempts can be met with automatic session shut-down and/or suspension of the user’s account.
Easy-to-Produce Reporting: Automates the process of auditing and regulatory compliance reporting. Concise-yet-comprehensive reports are generated that meet industry requirements and regulations.
Certifications: Xceedium GateKeeper 4.0 has received Common Criteria EAL-2, Common Criteria EAL-3, FIPS 140-2, Level 2 and JITC PKI/CAC certifications.
Conclusion: Xceedium GateKeeper enables organizations to automate and enforce access controls for privileged administrators working within the infrastructure, without compromising operational efficiency. GateKeeper provides centralized, remote and real-time monitoring, blocking, alerting and remediation of user activity and produces comprehensive reports demonstrating the effectiveness of operation controls and regulatory compliance during audits.
30 Montgomery St., Ste. 1020
Jersey City, NJ 07302