New Readers

 Home News and World Report Buyers Guide Global Excellence Technology Case Studies Editorial Awards About Info Security
 
2008 Best Deployment Scenario

Automating and enforcing access controls for privileged administrators

 

WHAT IS THIS TECHNOLOGY?

Most organizations have accounted for network security threats posed by spyware, hackers, external networks and the Internet, but there is one threat often overlooked: the internal privileged user. Malicious system, network and database administrators using command line/application interfaces within the critical infrastructure can use their knowledge of protocols and tools to leapfrog to unauthorized areas of the network and compromise sensitive information. It has been near impossible to put automated security controls into place, and to automatically test/validate those controls due to the fact that privileged network users are highly skilled, require broad network access and use sophisticated tools.

ORDER REPRINTS
 
Info Security Products Guide
 
this article
 
COMPARE and print reports
 
RATE products






Tomorrow's Technology Today - Network Security Solution


WHAT DOES THIS TECHNOLOGY DO?

The Xceedium GateKeeper is a government-grade, hardened appliance that allows C-level executives, infrastructure managers and auditors at Fortune 200 organizations and US government agencies to secure their IT environments from malicious system, network and database administrators working with command line and application interfaces within the critical infrastructure from any location, whether internal or external. Leaving no footprint on the network, the GateKeeper centralizes, controls and encrypts connection requests to systems and applications; connections are monitored and reported in real-time, and access and activity violations are remediated in real-time. Entire sessions are logged and recorded for future review to deliver comprehensive reporting capability and ensure regulatory compliance. The GateKeeper integrates with existing enterprise systems such as Citrix, Active Directory and PKI/CAC.

The GateKeeper is exposing the weaknesses in traditional network access control (NAC) technologies, because NAC does not provide security at the server level, leaving a primary attack point vulnerable.

The GateKeeper provides first-to-market, proprietary technology that allows companies to protect critical infrastructure by restricting privileged users to authorized areas only. Its patent-pending LeapFrog Prevention technology monitors and enforces policy at the command line layer and tracks all activities for these users. When a user attempts to open a socket to another device or server on the network using interactive protocols or commands, GateKeeper blocks use of the protocol to prevent “leap-frogging” to other unauthorized devices. GateKeeper also generates comprehensive, ad hoc activity alerts, meeting industry requirements and regulations. LeapFrog Prevention technology is available for Windows, Linux, Solaris and AIX.

A centralized IT operations management platform, the GateKeeper supplies a single browser-based user interface – a master console – for all IT administrators to use when accessing any part of the infrastructure. This interface provides a centralized place to find all authorized access tools that are delivered as browser-based applets, and a single point to flexibly launch all access methods – in-band, out-of-band and power. Administrators work with one-touch control, including simultaneous administration of multiple disjointed data centers. The end result: speedier resolution of IT issues, higher staff productivity, reduced travel costs, and improved service levels.

Xceedium provides an easy way for companies to create and enforce a granular access policy for highly skilled privileged users. It delivers a standardized security model for all privileged users that satisfies compliance controls and reporting requirements. With Xceedium, all privileged user activities and events can be tracked effectively and unobtrusively.

Benefits

  • Reduce the risks and vulnerabilities created by privileged users in the enterprise
  • Cost effective way to deliver access controls for compliance
  • Provide centralized tracking and reporting for all privileged user activities
  • Deliver a way for organizations to increase the accountability of privileged users

Key Capabilities

  • Secure efficient access for IT administrators
  • Standardized containment security model
  • Compartmentalization and separation of activity
  • Violations control– with real-time alert/prevention at command line levels
  • Application isolation
  • Complete audit and reporting capability
  • Centralized management of IT operations

How it Works:

Centralization

  • IT operations platform that allows these users to easily do their jobs
  • Security policy creation and enforcement
  • Tracking of all user events and activities for all devices and systems, including keystroke logging and session recording

Compartmentalization

  • Reverse Port Tunneling access methodology provides compartmentalization to the port level
  • Lack of visibility to unauthorized areas of the infrastructure
  • Application Isolation

Containment

  • Leap Frog Prevention
  • Real time alerting

Comprehensive Tracking and Reporting

  • End-to-end view of all activity, in one central place, at the source IP address level
  • User activity is tracked and logged, including the date and time the user logged into a specific device, the access method, the duration of the session is audited and tracked
  • Detailed audit capabilities that deliver not only keystroke logging but session recording as well

New Features and Capabilities of Xceedium GateKeeper 4.0 (Released January 2008):

  • LeapFrog Prevention technology: Blocks use of protocols when a user attempts to open a socket to another device or server on the network, to prevent circumvention of authorized access policies.
  • Command Line Keystroke Logging and Session Recording: Tracks all activity in the data center and remote locations as a single, centralized source for comprehensive reporting, enabling compliance with S-OX, PCI, HIPAA, FISMA, GLBA and other regulations.
  • Real-Time Violation Alerts and Remediation: All activities of technical users are extensively monitored and logged. Administrators are alerted to any violation attempts in real-time, and repeated violation attempts can be met with automatic session shut-down and/or suspension of the user’s account.
  • Easy-to-Produce Reporting: Automates the process of auditing and regulatory compliance reporting. Concise-yet-comprehensive reports are generated that meet industry requirements and regulations.
  • Certifications: Xceedium GateKeeper 4.0 has received Common Criteria EAL-2, Common Criteria EAL-3, FIPS 140-2, Level 2 and JITC PKI/CAC certifications.

Conclusion: Xceedium GateKeeper enables organizations to automate and enforce access controls for privileged administrators working within the infrastructure, without compromising operational efficiency. GateKeeper provides centralized, remote and real-time monitoring, blocking, alerting and remediation of user activity and produces comprehensive reports demonstrating the effectiveness of operation controls and regulatory compliance during audits.


Xceedium
30 Montgomery St., Ste. 1020
Jersey City, NJ 07302
Tel: +1-201-536-1000