Integrated Authentication Solution Bolsters Security, Reduces Administration Costs and Supports Compliance Efforts by Centrally Managing User Identifications, Authentication and Security Policies across Heterogeneous IT Environments
AGOURA HILLS, Calif.-April 1, 2008 - Symark International, developer of the PowerSeries information security solutions for managing privileged account access, today announced the general availability of PowerADvantage, a new integrated authentication and configuration solution that extends Active Directorys centralized authentication, authorization, account access, policy enforcement and infrastructure management functionality to UNIX and Linux systems. PowerADvantage reduces administration costs, improves security and supports compliance efforts by allowing organizations to centrally manage disparate Unix/Linux user identifications, authentication, security policies and automatic deployment of configuration settings through Microsoft Active Directory ─ creating a unified, single login environment.
"PowerADvantage naturally evolved from Symark's many years of experience providing non-intrusive access control solutions to heterogeneous UNIX and Linux data centers. We are constantly working with our customers to identify and meet their security and compliance needs, and the ability to extend Active Directorys functionality to Linux and UNIX systems is appealing to many organizations," said Bob Farber, chief operating officer at Symark Software. "Using PowerADvantage to leverage Active Directory's identity and authentication features for the Unix/Linux environment can provide real benefits for end users and administrators. We have received nothing but positive feedback from those organizations that were involved in our Beta program especially regarding its seamless integration with Symark's PowerBroker. This combination augments the rich policy language in PowerBroker and leverages Microsoft Group Policy functionality to provide a central point of policy that can be automatically distributed to the UNIX and Linux systems saving many hours and ensuring consistency in security policies throughout the enterprise."
How PowerADvantage Works
PowerADvantage implements an agent on UNIX and Linux machines that communicates with Active Directory's domain controllers. During the installation of the PowerADvantage agent, the UNIX or Linux host is joined to the domain and the host is configured to route authentication requests through the PowerADvantage agent. This allows the PowerADvantage agent to communicate with the Active Directory domain controllers to process authentication requests and access the Group Policy Objects used for configuration management.
After installation, the computer object for each UNIX and Linux host can be moved to different organizational units in the Active Directory hierarchy, changing which set of Group Policy Objects apply to that host. The PowerADvantage Context of each host can also be changed, which will immediately change the login configuration for all Active Directory-based users logging in to that host. Both of these changes can be performed without re-booting the host or re-starting the PowerADvantage agent. Additionally, the PowerADvantage agent is configured by Group Policy, so any changes in the configuration of the agents can be performed through Group Policy without the need to visit each individual host.
PowerADvantage Key Features
PowerADvantage delivers a single, centralized management solution that reduces costs, administrative overhead and training requirements while helping organizations strengthen their corporate security policies, increasing productivity and simplifying compliance reporting requirements. Features of PowerADvantage include:
Cross-platform Unified Login -Users are provided with a single login and password for all UNIX, Linux and Windows machines, eliminating the need to establish separate access credentials for varying systems. This increases efficiency and boosts productivity for end users while reducing calls to the help desk related to misplaced passwords.
Non-Intrusive Installation Process -Administrators can deploy PowerADvantage in a matter of minutes without making any changes to the Active Directory schema. PowerADvantage's simple agent installation process joins the host to Active Directory and implements the unified login function, eliminating any complex, time consuming configuration changes. Additionally, PowerADvantages intelligent import tool streamlines and simplifies the importing and mapping of current UNIX and Linux user information directly into Active Directory.
Comprehensive Centralized Storage -All user and group information is centrally stored within Active Directory, reducing infrastructure costs by eliminating redundant identity stores including legacy directories, unsecured NIS servers and locally managed files. Storing information within Active Directory, along with integrated use of existing Windows administration tools, enables IT managers to utilize applications with familiar interfaces. This eliminates the need to license third-party synchronization products or to build and maintain in-house solutions. Operations, training and processes for provisioning, account maintenance and other administrative tasks are streamlined by standardizing on a single set of Active Directory-based tools.
Integration with Symark's PowerBroker -PowerADvantage is the only solution that extends Active Directory's identity management, access control and group policy services to UNIX and Linux systems and integrates with Symark's PowerBroker, the industry's most comprehensive solution for authorization and access control within heterogeneous UNIX and Linux IT environments. The combination of PowerADvantage and PowerBroker enhances security and compliance efforts by facilitating efficient management of both end-user and administrator account access from Active Directory while controlling access and tasks performed using the root account.
Automated Deployment of Configuration Settings -Using Group Policy, IT administrators can leverage Active Directory to establish secure, centrally-managed configuration services to UNIX and Linux hosts (as well as to the applications running on them). Using either custom-created administrative templates or those provided by PowerADvantage, administrators create configuration settings that are automatically stored in Active Directory. This facilitates the rapid automatic deployment and maintenance of configuration settings across a large number of hosts, greatly reducing administrative time and cost. Because these policies are reapplied to each host based on a pre-determined interval, any unapproved changes to the configuration items maintained by PowerADvantage will be reset back to the approved settings at the next policy refresh interval.
Targeted Configuration Management -PowerADvantages configuration management capabilities leverage Active Directory's organizational unit structure to deliver targeted configuration services to any number of individual hosts within the IT environment. This enables administrators to apply the configuration settings to selected hosts or applications. For example, the Web servers running an organizations public Web site should be configured differently than the servers running the internal intranet. PowerADvantage facilitates the configuration of each group of servers differently. Additionally, customers can leverage Active Directory to establish a hierarchy of organizational units (with a specific host placed in the appropriate unit). The host will then inherit all the policies in this hierarchy and PowerADvantage will resolve any conflicting items in the policy and determine the proper group of settings to apply to the individual host.
Detailed Compliance Reports -PowerADvantage helps ensure that all activities performed on UNIX and Linux systems are written to the proper Active Directory logs. It produces audit reports required by Sarbanes-Oxley, PCI DSS and HIPAA, providing a comprehensive trail for auditors. This simplifies the compliance process and reduces overall audit costs, and it allows for the more rapid discovery of anomalies as part of a sound security posture.
About Symark International
Symark International is the leading provider of systems access management solutions for heterogeneous IT environments. Symark PowerBroker enables granular delegation of administrative privileges while restricting UNIX/Linux root account access. Symark PowerPassword provides UNIX/Linux user account management along with login and password security policies. Symark PowerKeeper controls access to shared administrative accounts for servers, applications, and network devices for multiple platforms. Symark PowerADvantage extends Microsoft Active Directory's centralized authentication, authorization, account access, policy enforcement and infrastructure management functionality to UNIX and Linux systems. All products offer a non-intrusive architecture, central administration, accountability at the systems level and detailed audit logs. Symark offers extensive expertise in enterprise computing security, and its products are backed by unmatched technical support. For more information, visit us at www.symark.com.