Access Control/Authentication Management
Symark's product suite makes integration a whole lot simpler.
If you need to make a table leg out of a block of wood, you have two options:
You can either spend weeks working on it with a chisel, hammer and other assorted
tools -- or you can clamp the block in a lathe and turn out a leg in a matter
In the world of integration, Symark's (www.symark.com)
suite of tools is the lathe, letting you accomplish in minutes what would otherwise
take considerably longer.
Symark's solutions include:
The newest of all the Symark products, this one extends Active Directory functionality
to Unix and Linux systems. This is a good solution to use when your site is
primarily Windows-based and running only a few *Nix machines.
This tool makes it possible to give users root-level access without sharing
the root password. By adding additional granularity, administrators can delegate
tasks such as backups without risking the harm that can often accompany elevated
user privileges. The granularity that can be used for user accounts can also
extend to directories and files.
Now in Version 2.0, PowerKeeper is an appliance-based product for privileged/root
account and password management. It can manage the creation, control, storage
and retrieval of account passwords in Unix, Linux and Windows systems. It
makes single-factor authentication possible using Active Directory or LDAP,
and implements FIPS 140-2 level encryption. Some of its other features include
performance monitoring and enhanced logging.
Intended to let a help desk delegate specific account-management tasks, PowerPassword
allows you to create policies that govern authentication and usage of SSH,
FTP, su, telnet, rlogin and others. As with the other Symark tools, detailed
logging/auditing is possible and the default.
While there are some differences between each of the products, in general you'll
find that supported *Nix versions tend to include HP-UX, IBM AIX, Red Hat, Solaris
and SUSE. Supported Windows versions are typically Windows Server 200x and XP.
All the products from Symark can be downloaded for a 30-day trial. I encourage
you to visit the company's site, look at
the screenshots, read the FAQ and see if you don't agree that the solutions
offered can simplify your tasks substantially.
Emmett Dulaney is the author of several books on Linux, Unix and certification,
including the Security+ Study Guide, Fourth Edition. He can be reached at firstname.lastname@example.org.