1 / 24

Wallix AdminBastion v2.2 Secure accesses and trace actions

Wallix AdminBastion v2.2 Secure accesses and trace actions performed by IT service providers and administrators. New needs and challenges. 2. Administrators passwords. Administrators must learn passwords , commit them to memory and change them regularly

pekelo
Download Presentation

Wallix AdminBastion v2.2 Secure accesses and trace actions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Wallix AdminBastion v2.2 Secure accesses and trace actions performed by IT service providers and administrators

  2. New needs and challenges 2

  3. Administratorspasswords Administrators must learnpasswords, commit them to memory and change themregularly Post-it notes are multiplyingaroundscreens • Nobodyknowswhere all the passwords are stored, sometimestheystay in the head of the administrator !

  4. IT teams turnover One of my administrators is leaving the company. Where are his passwords? I need to gather information on his accesses, deactivate them and change them on all equipment I need to communicate the changes internally How do I make sure that he won’t be able to access the company’s IS anymore? Employees who steal or divulge company’s data do it when they leave the company to work at a competitor (70 %) or when they create their own business (23 %)

  5. Accidents happen Customers’ database is down following a maintenance operation No way to find who is responsible for sure It’s difficult to find the cause ORIGIN AND TRACEBILITY OF ACTIONS Wheredoes the error come from? Can I replaywhathappened? How do I find the origin of the incident?

  6. External Service Providers I don’t know what my service providers are doing There are many connections to critical servers and devices: I don’t know who’s logged in, when or how they do it! I must manage their access and monitor them when they’re working on my IS I need to be able to change providers if necessary PROVIDER MANAGEMENT How can I be sure that their access are monitored? How do I trace the origin of the incident? Who’s responsible?

  7. Access Managementwith Wallix AdminBastion 7

  8. Concepts Unix / Linux Server Windows Server Network Equipment Administrators Developers Security Officers Application Traceability External Providers Access control Centralised Authentication

  9. What the WAB can do for you ? Access control for internalusers and external providers Trace connections to sensitive equipment • Easy access management for login and passwords • Strong Authentication for system administrators (through external solutions) • Alert messages (ex : e-mails) when there’s a connection to a critical server

  10. Supportedprotocols TARGET EQUIPMENT USER RDP VNC RDP Https SSHv2 SFTP Http/Https SSHv2 SFTP Telnet rlogin Authorisation of SSH features • Shell Session • Remote command • SCP (upload & download) • X11 Forwarding

  11. Session Recording Sessions are saved and stored in flash format (they can be played on the user’s computer) You can replay RDP sessions with the integrated Player • Weight : 1,5 Mb / minute (average) RDP SESSIONS (WINDOWS) SSH/TELNET SESSIONS • Command lines entered by the user are stored as well as the equipment’s response • Information are available in a text file or in a video file

  12. SSH Flow Scanning In the example above, the expression ‘passwd’ can be found of the « forbidden commands » list The detection of the expression ‘passwd’ triggers an alert and/or the termination of the connection.

  13. Internal Architecture OPTION 1 The WAB appliance hosts the users’ database, ACL’s and the equipment database OPTION 2 The WAB appliance connects to an external directory * to authenticate the users * LDAP, Active Directory, Radius

  14. StrongAuthentication Technologies • RSA SecurID • Radius • ActivCard • Others New ! X509v3 certificates are now supported

  15. Case study VPN

  16. Client-server Application Web Interface RDP Client virtualized Windows XP/7 or Windows TSE Client d’administration

  17. WAB – EasyDeployment No need to install an agent on any of the equipment • Time saved during the deployment period • Easy integration in the existing infrastructure • Lower TCO No extensive training is needed for the users • No change in work methods • A user can keep working with his usual tools(TSE/RDP client, Putty, WinSCP, command line …)

  18. Appliance or Software Appliances 6 available models: from WAB 25 to WAB 600 Virtual machines VMWare ESX 4 virtual appliance

  19. WAB Appliances

  20. Easy to use Web interface (https) available in English and in French • IE7+ and Firefox 2+ Compliant Command Line Interface • You can use the WAB withexternal scripts or third party applications • You can define profiles with specific rights (ex: auditor) • It’s possible to define the type of actions that can be performed by a particular WAB user/administrator

  21. Reporting and Alerts You can export data at csv format for later use Define real-time alerts (mail & logs) : • Forbidden character string detection (SSH) • Failure to authenticate • Failure to connect to a target account … Daily connection report sent by e-mail REPORTING ON CONNECTIONS

  22. Raise the securitylevel Record and Replay Sessions SECURITY LEVEL Centralize and simplify authorizations and password management COMPLEXITY StrengthenAccess Control Policy SECURITY LEVEL MANAGEMENT SECURITY NEEDS PREVENTION OPTIMIZATION VERIFICATION

  23. Manyneeds, One solution

  24. Questions Contact usITSS109, rue du Pont du CentenaireCH – 1228 Plan-les-OuatesSwitzerlandTel: + 41 22 706 20 80www.itssglobal.com

More Related