A2B Tech

No detours, just destinations

Micro Focus (NetIQ / Novell) Identity Manager

 

Since its release under the DirXML 1 name, we have been helping customers utilize their IT investment by simplifying day-to-day tasks, providing compliance with imposed regulations, and ensuring access is granted and revoked per organizational rules. The latest version of Identity Manager is available to improve on the foundation provided in previous versions for existing customers, or provide capabilities and simplicity in day-to-day operations likely never considered by potential customers. If you are interested in a demonstration and evaluation of the technology let us know; we would be glad to help bring both security and ease of use, usually a dichotomy, to your organization.

 

Micro Focus (NetIQ / Novell) Sentinel

 

Sentinel has grown significantly since it first became an offering from Novell. Formerly built on proprietary, and less-scalable, technologies, the installation and day-to-day use was a burden viewed as necessary to achieve a required goal. Today the initial installation can be done in minutes with a software appliance, and scaling out to handle tens of thousands of events per second can be done as quickly as hardware can be provisioned. As a result, setting up a demonstration in your environment can be done with a built-in evaluation license that allows full functionality, and with a purchased license can convert into a working system. Sentinel comes with different capabilities depending on the license, so contact us to find out more about which options are best for your organization's requirements.

 

Linux Management

 

SUSE Linux Enterprise Server (SLES) is the most-capable distribution of Linux for the enterprise today. Able to run on mainframes and Power architectures in addition to the x86 architecture behind most of our laptops, desktops, and servers, it is geared primarily for enterprise use and has kept that focus as evidenced by the tools provided out of the box. Boasting the best setup/management utility available today in Yast, and expanding that in recent years to include WebYast (a web-based interface) which simplifies appliance deployment, SUSE has shown the ability to do what is necessary to keep easy things easy, and make the harder tasks possible via a solid platform with the necessary tools layered on top. SLES (and even openSUSE) can be found in Amazon's, Google's, and others' cloud offerings as a base for application needs.

 

While SLES is the preferred offering to host services, we also work with other enterprise distributions such as RedHat Enterpise Linux (RHEL), CentOS, and Debian, and have background with other distributions as well should experience in those areas be desired. Whether as the virtual system to power an application-specific workload, or as the workhorse powering a virtualization farm of other machines, contact us to find out what your options are regarding getting the best base for all of your IT needs.

 

TDP SecureAnyBox (SAB)

 

If you manage Microsoft Windows systems in your environment, you may know the passwords for the built-in Administrator account used to create the system. If you are using Microsoft Active Directory (MAD) then you probably know that the built-in account is there and useful for maintenance purposes, even when the network connection or domain is down. While this local access may be useful, it is also a common point of unaudited system compromise by clever users, current and former technicians, and intruders. Because these accounts are setup when the system is provisioned, and because provisioning is often done automatically using established builds or images, systems either have the same password, or a guessable password by those who are, or have been, in a position of trust.

 

SecureAnyBox solves this problem by randomly changing passwords on a daily basis for these built-in accounts, even when the system is disconnected from networks. Retrieval of these random passwords can be done by those who currently, have access to retrieve the random password from the service, which means that once somebody is no longer entitled to the data they can no longer access these accounts, and also access to one system does not ever mean access to another system. Auditing of server access provides a trail of those who have had access on a given day to a given system.

 

Another area addressed by SecureAnyBox is around its SafeBox functionality, which allows storage, and sharing of credentials in a secure way. Within IT it is common for users to be members of different teams, and thus they need access to different credentials. Starting from a smaller department, one person may have the keys to everything, but as the organization grows the need for everybody to have access to everything diminishes, even though the old practices naturally may not change, causing more vulnerability than necessary. Setting up a SafeBox per team, or per service, and setting up groups of SafeBoxes for production, staging, development, or in whatever combination suits your organization, can allow fine-grained control of credentials in a secure way. Every user has access to their own credentials via their own access key (passphrase), and they can opt to share their credentials with others. Auditing lets the system owners know who has used which credentials and when. If somebody with access to secure information ever leaves the organization, a simple audit can tell you which passwords they actually have retrieved, so you know which ones to reset, providing huge benefits over shared files (in whatever format) full of the secure data.

 

To find out more about SecureAnyBox, or for a demonstration or pricing, please contact us. A demonstration system, in your environment or ours, can be setup to allow you to see the benefits immediately for comparison with other options.