contents

software
 
Symark Software Announces PowerBroker 5.0

Symark Software has announced PowerBroker 5.0, a solution for authorization and access control within heterogeneous UNIX/Linux IT environments. PowerBroker 5.0 now includes entitlement reporting capabilities that provide a detailed list of the commands that IT administrators and other users can run, on what systems and when. The new product also incorporates an access control list feature that simplifies the designation of access rights without requiring lengthy policies to be written. PowerBroker 5.0 helps organizations comply with PCI DSS, SOX, HIPAA and other regulations by enabling security managers to more easily grant selective administrative privileges while safeguarding the root password and controlling access to applications/commands, directories/files and permissions on various administrative tasks.

PowerBroker protects the root or "superuser" account from internal exploitation by a rogue employee or a hacker that has breached the network. By granularly delegating what tasks can be performed as the root password and by whom, PowerBroker helps prevent the alteration or deletion of critical system files, unauthorized access of confidential data and the deletion of logged events and audit trails. PowerBroker protects the root account by granularly binding specific root-level tasks to UNIX/Linux user IDs so that the root password does not need to be disclosed to operators and systems administrators. Totally non-intrusive, the program reduces the risk of accidental damage, theft of digital assets, or malicious activities without altering or disrupting the operating system — a practice that can violate software and systems warranties.

The new entitlement reporting functionality included in PowerBroker 5.0 lists the commands that systems administrators and other users are authorized to execute, including any constraints applied to their access privileges. This demonstrates to auditors the enforcement of segregation of duties and that steps are being taken to create a secure access control infrastructure.

Symark's PowerBroker 5.0 offers a multitude of new features designed to enhance security functionalities and simplify delegation of administrator privileges, including:
- Comprehensive Entitlement Reporting — Provides reports detailing the commands that systems administrators and other users are authorized to execute and on what systems — including any time-of-day constraints. Entitlement reporting supports security and compliance best-practices by ensuring the security of an organization's access control infrastructure. A built-in GUI report writer promptly creates the entitlement reports by incorporating a Web-based interface with a wizard-style workflow, eliminating the traditionally time-consuming process of manually creating entitlement reports.
- Access Control Lists — Simplifies the definition of access privileges by enabling PowerBroker administrators to specify the most commonly used access control mechanisms for various users or user groups without having to compose lengthy policy scripts for each scenario. The access control lists can be set using a number of different granular parameters, including user name, system, command, time of day and day of week, resulting in a more complete view of each user's specific access rights to various systems. This allows administrators to produce detailed lists of users' permissions for internal and external auditors to demonstrate compliance with various regulations.
- Centralized Log Pooling — Collects and stores PowerBroker logs from multiple servers onto one PowerBroker server, enabling administrators to review and manage logs from a centralized location. The log pooling feature allows for the more rapid discovery of anomalies as well as for a decrease in administrative overhead commonly associated with any log-review process.
- Packaged Installation — Provides native package install bundles for Solaris, Linux, HPUX and AIX systems to facilitate the installation of PowerBroker 5.0 across large heterogeneous environments. Administrators can automatically deploy PowerBroker to multiple servers from a remote location, reducing the time and cost associated with having to locally deploy licenses in multiple locations throughout the organization. The packaged bundles also track the installation process and updates activity in a database that is part of the operating system.



write your comments about the article :: © 2007 Computing News :: home page