|
NEWS RELEASE
|
FOR IMMEDIATE RELEASE
CONTACT:
Leading Appliance for Privileged Account Access Management Supports Application-to-Application Password Management; Utilizes HP ProLiant Server to Further Safeguard against Insider Threat and Meet Compliance Requirements
CONTACT:
|
Ellen Libenson
Symark Software (800) 234-9072 |
Dan Borgasano
Schwartz Communications (415) 512-0770 |
SYMARK INTERNATIONAL ANNOUNCES POWERKEEPER 3.0
Leading Appliance for Privileged Account Access Management Supports Application-to-Application Password Management; Utilizes HP ProLiant Server to Further Safeguard against Insider Threat and Meet Compliance Requirements
Agoura Hills, Calif. - July 14, 2008 - Symark
International, developer of the PowerSeries information
security solutions for managing privileged access,
today announced PowerKeeper 3.0, the latest version
of the industrys most advanced privileged account
access management appliance for the secure creation,
control, storage and retrieval of privileged administrative
account passwords. PowerKeeper 3.0 includes support
for application-to-application (A2A) and application-to-database
(A2DB) connectivity, and bolsters security by
replacing embedded credentials with one-time-use
passwords. The new version also utilizes the HP
ProLiant DL360 G5 server, which, when combined
with PowerKeeper 3.0, significantly improves system
availability and facilitates greater scalability
to handle more users, managed systems and managed
accounts per appliance.
According to key findings in a recent Gartner report by Research Vice President Ant Allan and Managing Vice President Ray Wagner, Using passwords for application-to-application (A2A) and application-to-database (A2DB) authentication, with the passwords hard-coded in the calling application, gives rise to significant security risks. The need to periodically change such passwords gives rise to significant operational risks. Strategic authentication approaches cant be simply retrofitted to all applications because the effort and time scale of such work would be prohibitive. In addition, Although organizations often have a more-robust strategic authentication approach, its seldom practicable to retrofit this to all applications. Wherever software-account passwords must remain, a software-account password management (SAPM) tool can mitigate security and operational risks.1
Despite the immense security risk, it is still common practice for many IT administrators to share passwords among those that need access to a given system or data set. This exposes an organization to insider impropriety because when someone is logged in as a privileged user, there is no way to verify which administrator actually logged in or to audit who approved that access and the reason the access was necessary, said Bob Farber, CEO of Symark International. Use of embedded passwords that could be viewed by anyone with access to the source code is not much different than an administrator looking over another administrators shoulder for the purpose of stealing and exploiting their password. Privileged access management solutions such as Symarks PowerKeeper address this issue by providing a one-time-use password. This supports security best practices and helps companies meet SOX, HIPAA, PCI DSS and other compliance requirements.
PowerKeeper provides the combination of a secured, hardened appliance with the use of only commercially supported FIPS-140 validated encryption components. This provides the best security techniques available for protecting passwordsand the accounts they accessfrom unauthorized use. PowerKeeper safeguards proprietary systems and information through a secure release mechanism that automatically changes and verifies passwords based on granular security parameters established by management. By protecting the UNIX/Linux root, Windows Administrator and other privileged accounts such as Cisco Enablethe virtual keys to the kingdomPowerKeeper enables organizations to create a secure access control infrastructure that satisfies corporate governance, compliance and risk guidelines. PowerKeeper also tracks and logs all password activityincluding requests and releasesand creates a comprehensive audit trail from which various reports can be generated.
Privileged user password management (PUPM) solutions allow passwords to sensitive accounts (system administrator, root, etc.) to be centrally stored and divulged only temporarily to system administrators or applications. All password releases are audited, and passwords can also be automatically updated on managed systems once the system administrator checks in the password. Most organizations deploy PUPM to reduce the risk of managing sensitive passwords, increase operational stability, and address audit findings, wrote Andras Cser, senior analyst with Forrester Research, in the June 18, 2008 report, Forrester TechRadar: Identity and Access Management, Q2 2008.
The new A2A and A2DB support included in PowerKeeper 3.0 provides a level of security unmatched in the marketplace. Each application is protected by a certificate and a series of administrator-selected program factors to validate that the application requesting the credentials is approved to receive them and is executing in the proper context. This provides a high level of protection from unauthorized access to the credentials, even if an attacker tries to masquerade as the approved application requesting the credentials.
PowerKeeper 3.0 also utilizes the HP ProLiant DL360 G5 server, which includes enhanced fault-tolerance functionality to ensure system availability. As a mission-critical system, PowerKeeper must be continuously available. The appliance features several layers of redundancy to protect against failures, including implementing High-Availability Pairs, where a primary PowerKeeper appliance is paired with a replica so that if the primary appliance fails or becomes unavailable, the replica appliance will automatically take over all PowerKeeper functions. The fault tolerance added to version 3.0 as part of the HP hardware further strengthens PowerKeepers continuous availability by adding standard redundant hot-swap mirrored disks, power supplies and fans, with redundant CPUs and hot-bank memory available as an option. These additional features supplement the solutions existing fault tolerance measures to ensure that PowerKeeper is continuously available and performing at optimal levels.
The HP ProLiant DL360 also provides additional capacity for users, managed systems and managed accounts using PowerKeeper. PowerKeeper is extremely scalable. Utilizing the HP ProLiant DL360 hardware and a proper design and deployment plan, PowerKeeper appliances can support a virtually unlimited number of managed devices within an enterprise.
According to key findings in a recent Gartner report by Research Vice President Ant Allan and Managing Vice President Ray Wagner, Using passwords for application-to-application (A2A) and application-to-database (A2DB) authentication, with the passwords hard-coded in the calling application, gives rise to significant security risks. The need to periodically change such passwords gives rise to significant operational risks. Strategic authentication approaches cant be simply retrofitted to all applications because the effort and time scale of such work would be prohibitive. In addition, Although organizations often have a more-robust strategic authentication approach, its seldom practicable to retrofit this to all applications. Wherever software-account passwords must remain, a software-account password management (SAPM) tool can mitigate security and operational risks.1
Despite the immense security risk, it is still common practice for many IT administrators to share passwords among those that need access to a given system or data set. This exposes an organization to insider impropriety because when someone is logged in as a privileged user, there is no way to verify which administrator actually logged in or to audit who approved that access and the reason the access was necessary, said Bob Farber, CEO of Symark International. Use of embedded passwords that could be viewed by anyone with access to the source code is not much different than an administrator looking over another administrators shoulder for the purpose of stealing and exploiting their password. Privileged access management solutions such as Symarks PowerKeeper address this issue by providing a one-time-use password. This supports security best practices and helps companies meet SOX, HIPAA, PCI DSS and other compliance requirements.
PowerKeeper provides the combination of a secured, hardened appliance with the use of only commercially supported FIPS-140 validated encryption components. This provides the best security techniques available for protecting passwordsand the accounts they accessfrom unauthorized use. PowerKeeper safeguards proprietary systems and information through a secure release mechanism that automatically changes and verifies passwords based on granular security parameters established by management. By protecting the UNIX/Linux root, Windows Administrator and other privileged accounts such as Cisco Enablethe virtual keys to the kingdomPowerKeeper enables organizations to create a secure access control infrastructure that satisfies corporate governance, compliance and risk guidelines. PowerKeeper also tracks and logs all password activityincluding requests and releasesand creates a comprehensive audit trail from which various reports can be generated.
Privileged user password management (PUPM) solutions allow passwords to sensitive accounts (system administrator, root, etc.) to be centrally stored and divulged only temporarily to system administrators or applications. All password releases are audited, and passwords can also be automatically updated on managed systems once the system administrator checks in the password. Most organizations deploy PUPM to reduce the risk of managing sensitive passwords, increase operational stability, and address audit findings, wrote Andras Cser, senior analyst with Forrester Research, in the June 18, 2008 report, Forrester TechRadar: Identity and Access Management, Q2 2008.
The new A2A and A2DB support included in PowerKeeper 3.0 provides a level of security unmatched in the marketplace. Each application is protected by a certificate and a series of administrator-selected program factors to validate that the application requesting the credentials is approved to receive them and is executing in the proper context. This provides a high level of protection from unauthorized access to the credentials, even if an attacker tries to masquerade as the approved application requesting the credentials.
PowerKeeper 3.0 also utilizes the HP ProLiant DL360 G5 server, which includes enhanced fault-tolerance functionality to ensure system availability. As a mission-critical system, PowerKeeper must be continuously available. The appliance features several layers of redundancy to protect against failures, including implementing High-Availability Pairs, where a primary PowerKeeper appliance is paired with a replica so that if the primary appliance fails or becomes unavailable, the replica appliance will automatically take over all PowerKeeper functions. The fault tolerance added to version 3.0 as part of the HP hardware further strengthens PowerKeepers continuous availability by adding standard redundant hot-swap mirrored disks, power supplies and fans, with redundant CPUs and hot-bank memory available as an option. These additional features supplement the solutions existing fault tolerance measures to ensure that PowerKeeper is continuously available and performing at optimal levels.
The HP ProLiant DL360 also provides additional capacity for users, managed systems and managed accounts using PowerKeeper. PowerKeeper is extremely scalable. Utilizing the HP ProLiant DL360 hardware and a proper design and deployment plan, PowerKeeper appliances can support a virtually unlimited number of managed devices within an enterprise.
Pricing & Availability
PowerKeeper 3.0 is available now. Cost is $25,000
per appliance, which includes 100 licenses to
manage 100 different systems with an unlimited
number of users. For further information about
PowerKeeper 3.0, please contact Symark at (800)
234-9072 or visit www.symark.com.
About Symark International
Symark International is the leading provider of
systems access management solutions for heterogeneous
IT environments. Symark PowerBroker enables granular
delegation of administrative privileges while
restricting UNIX/Linux root account access. Symark
PowerPassword provides UNIX/Linux user account
management along with login and password security
policies. Symark PowerKeeper controls access
to shared administrative accounts for servers,
applications, and network devices for multiple
platforms. Symark PowerADvantage extends Microsoft
Active Directorys centralized authentication,
authorization, account access, policy enforcement
and infrastructure management functionality to
UNIX and Linux systems. All products offer a non-intrusive
architecture, central administration, accountability
at the systems level and detailed audit logs.
Symark offers extensive expertise in enterprise
computing security, and its products are backed
by unmatched technical support. For more information,
visit us at www.symark.com.
_________________
1Gartner Research Eliminate Hard-Coded Passwords, Ant Allan and Ray Wagner, June 18, 2008.
1Gartner Research Eliminate Hard-Coded Passwords, Ant Allan and Ray Wagner, June 18, 2008.
###
NOTE TO EDITORS: If you would like additional information on Symark and its products, please view the Symark web site at www.symark.com.
Symark, the Symark logo, PowerPassword, PowerBroker, and PowerKeeper are trademarks or registered trademarks, in the United States and certain other countries, of Symark Software. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.
Site MapContact UsPrivacy Policy/ California Privacy RightsHome
