Improve Your Compliance Across UNIX and Linux Environments

Posted on 14-May-2015


DESCRIPTION

This session describes how to achieve compliance on your Linux and UNIX servers with Novell Privileged User Manager. Enterprises that must meet Sarbanes-Oxley requirements for the confidentiality, integrity and auditability of privileged user activity will find out how this can be done with Novell Privileged User Manager. The session features an instructor-led demo highlighting the various aspects of Novell Privileged User Manager. If you have ever had issues with audits or reporting on Linux root user accounts, then this is the session for you. Find out how easy it can be and how all of this fits into the Identity and Security space at Novell.

TRANSCRIPT

Improve Your Compliance Across UNIX and Linux Environments

Baber Amin, Business Line Manager, Novell, Inc. / baber@novell.com

Richard Boulton, NPUM Lead, Novell, Inc. / rboulton@novell.com

© Novell, Inc. All rights reserved.

Agenda

• Privileged Identities

• Privileged Identities and Compliance

• Novell® Privileged User Manager

• Demo


Privileged Identities

• Least Privilege Concept

• Dangers from Privileged Identities


Privileged Accounts

• Access to Information
• Bypass Controls
• Hacker Target
• Insider Threats

Privileged Identities and Regulatory Compliance

• Sarbanes-Oxley
• PCI
• HIPAA
• GLBA
• ISO 27001

What does Novell® offer?

• Who can initiate an action?
• What actions can they initiate?
• Audit ALL activity

Centralized Management

Compliance Workflow

3 Step UNIX/Linux Compliance Solution

Step 1
• 100% privileged user keystroke recording
• Automated grading of activity risk level

Step 2
• Super user privilege management
• Real-time control and alerting

Step 3
• Proactive compliance management
• Auditing the auditor

DEMO


Scenario 1: Basic Setup

Privileged User Manager's components: PUM Agent (on the Linux / Unix Server), PUM Framework, Help Desk, Auditor

1. Help Desk accesses the Linux / Unix server directly (e.g. SSH)
2. PUM Agent authenticates to the PUM Framework
3. Commands via keystroke are recorded and audited
4. PUM Admin authorizes events and reviews risks

Scenario 2: Large Environments

Privileged User Manager's components: PUM Agent, PUM Jump-Off, PUM Framework, Help Desk, PUM Admin

1. Help Desk accesses the PUM Jump-Off box pool
2. Jump-Off authenticates to PUM
3. PUM Jump-Off box creates PUM session on target
4. Commands and keystrokes are recorded and audited
5. PUM Admin authorizes events and reviews risks

Scenario 3: PUM and PoS

Privileged User Manager's components: PUM Jump-Off, PUM SSH-Proxy, PUM Framework, POS Devices *, Help Desk, PUM Admin

* Note: zero impact, no software agent installed on the POS devices

1. Help Desk accesses the PUM Jump-Off box pool
2. Jump-Off authenticates to PUM
3. SSH-Proxy communicates to POS devices (trusted SSH session: SSH with trusted cert)
4. Commands via keystroke are recorded and audited
5. PUM Admin authorizes events and reviews risks

Novell® Privileged User Manager: SSH Access via 'Jump Box'

• Provide accountable access via SSH
• Secure and manage all outbound access to corporate POS machines through 'Jump-Off' proxies
• Reduced cost: no agent has to be deployed to and associated with every POS endpoint
• No impact on the POS endpoints themselves
• Audit all access to POS endpoints through Command Control, which feeds into Compliance Auditor

In Closing


You Need Privileged User Management

• Critical Apps on Linux / UNIX
• Linux / Unix Server
• Verify and Audit actions
• Admin credential proliferation

Novell® Privileged User Manager

• Control user access to root accounts

• Audit all user activity with 100% keystroke logging

• Analyze potential threats based on policy-based risk ratings

• Simplify audit reporting with the most relevant, context-based information

• Support compliance with internal policies and external regulations


Customers Include:

Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.

General Disclaimer: This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.
