|

Centrally deploy, modify and delete UNIX/Linux
accounts.

Fast and easy UID/GID synchronization

Strengthen password composition, enforce aging
and lockouts.

Control who may login to/from which hosts, when,
by which methods (including SSH, SU,FTP,X/CDE)
and other criteria.

Detailed reports for all account and login activities.
Securely deploy and manage user accounts,
passwords and login policies across heterogeneous
UNIX/Linux environments, while keeping a centralized
audit trail of all related activities. Symark
PowerPassword, User Management Edition provides
much simpler and more secure user management,
compared to NIS/NIS+ or LDAP environments.
Once accounts are deployed, PowerPassword
enforces highly secure password policies to
secure UNIX/Linux authentication. Access via
SSH, FTP, SU, or X/CDE are all controlled and
audited with unsurpassed detail. Additionally,
PowerPassword's login policies enforce access
control to all hosts in the UNIX/Linux network
who may login, to/from which host, when, and
using what method (telnet, rlogin, ssh, ftp,
su, etc.)
Symark Power Password, User Management Edition
reduces support costs by enabling delegation
of specific account management tasks. For example:
Help desk staff can perform specific tasks as
delegated by your UNIX/Linux administrators.

User authentication and access requests to UNIX/Linux machines are controlled by PowerPassword’s
highly secure password and login policies.

Add, modify, or delete accounts securely
from a central point of management across
your UNIX/Linux network.

Controlled account deployment to each host’s
/etc/passwd, /etc/group, and /etc/shadow

Automatic UID/GID synchronization across
hosts for all new accounts

Account Templates pre-define user account
parameters and password policies and apply
to specified users or groups (e.g., new
Accounting user)

Migration of accounts from NIS/NIS+ or other
user directories

Post-Processing Scripts enable scripts to
execute after account management events
and leverage the user account data (e.g.,
after adding a user, a new database user
is then created)

"Division of Privilege" for delegating specific
account management activities to different
administrators and help desk staff by users,
groups, hosts, commands, etc.

Strengthen password security and simplify
administration

Password aging and reset

Password encryption

Define specific character composition (such
as length, alphanumerics, case, punctuation)

Lockout accounts after specified number
of failed login attempts

Disable inactive and orphaned accounts

Automatic random generation of passwords

Password Change Agent for secure automated
root password resets via SSH.

"Similarity checking" to user name and historical
passwords

Support for cracking programs and dictionary
checking

Control the login environment

Who –which users and group may login

What – to which hosts

When – time, day, and date

Where – from which host, IP address, or
remote location

How – using login, rlogin, telnet, ssh,
su, xdm/cde, and define the post login properties
for user environments (working directory,
shell, etc.)

Logging of all account, password and login
events

Reporting capabilities for all account management
activities, password change history, accepted
and rejected login attempts, and more

Audit trail of login events includes detailed
data about each accepted and rejected login,
including which system was accessed, when,
from where, using what login method, as
well as complete environmental information

Client/server architecture for fault tolerant
operations

No kernel modifications / no reboots / no
conflicts

Encryption of network traffic, and stored
passwords, policies and configuration files

SMTP alerts for specified events

Integration with SSH

BlueCoat SGOS devices

Integration with PAM

Security policies are easily deployed from
central Master server
Unix Linux Password Management Software - Password
Protection Software - Unix Linux Identiy Management
Software

Password rules

User deployment template

User Deployment Report
|