XYGATE products chosen for distribution by HP

XYGATE products chosen for distribution by HP

Presenter: Ian Pearce

1 XYPRO Confidential

• Proven Performers & Business Partners – Founded in 1983 – HP NonStop server security since 1990

• Fast Response Team – 24 x 7 Support service – Support offices around the world

• HP / XYPRO Relationship – Long-term relationship between XYPRO and HP

(Tandem/Compaq) – HP helped publish XYPRO security handbooks – Used to secure HP internal systems (20+ nodes)


About XYPRO


The XYGATE Suite

XYPRO solutions through HP

XYPRO Confidential 4

Compliance Authentication

Access Control Audit

Can I pass a compliance audit? Does my system meet all internal security policies and rules?

Who is allowed onto my system? When can they logon on?

What’s been happening on my system?

Who can do what on my system?

What commands can they execute?

• Analyze current relevant security settings

• Flag settings that may cause compliance issues

• Authenticate against LDAP, RSA SecurID and RADIUS.

• Granular logon controls.

• All NonStop Security Events • Filter to only show

events of interest. • Feed data to off

board SIEM devices.

• Eliminate Shared

userIDs • Control of

commands and subcommands in all system utilities

• Full keystroke logging

splunk®>


http://www.arcsight.com/�

XYPRO Confidential 8

XYGATE Event Monitor (XEM)

Compliance PRO (XSW)

9

XSW – Easy to understand results


Green ruler = passed

Broken red ruler = failed

XYPRO Confidential

Tab Options

11

• Pre populated standards specific tabs

• Tabs can be customized to your own requirements

XSW – Security Compliance


Features: • Easy to interpret, graphic display of results • Automated data collection and analysis

against security policies, regulations (PCI, HIPAA, SOX), Best Practices

• Extensive default reporting on results • Easy report customization • Audit and tracking of security policy adherence • Access mapping by subject or object • Integrity checking • Compliance visibility to a single system or an entire NonStop

Enterprise

Customer Benefits: • Meet compliance requirements - prove it, and maintain it • Achieve immediate results - and rapid ROI

In Summary XSW – Security Compliance


XYGATE User Authentication, allows customers to implement logon controls at a granular level and integrate their NonStop server into larger LDAP environments • Logon Controls at a granular level, including time based. • Rules for User group logons and controls for group manager capabilities • Audit reporting on logon events • IP, Requestor and Ancestor controls • LDAP interface for NonStop • Support for RSA SecurID tokens and RADIUS authentication

XYPRO Confidential

XYGATE User Authentication (XUA)

14

• Control logons based on: • Ancestor program • Requestor program • Port/IP Address • Time of day/day of week • Current logged-on user

• Supports user impersonation – logon using SUPER.SUPER but your own password.

• Apply global-level authentication controls to the user/group-level (e.g. Apply Authenticate_Fail_Freeze to a user or group, not global)

XYPRO Confidential


15

• Includes EXPLAIN/WHATIF functionality for testing of rules

• Authentication decisions are audited, and audit data can be integrated/sent to a SIEM device with Merged Audit

• NonStop userids can be frozen/have passwords expired – all authentication must come from LDAP/AD/RSA

• Allows customers to meet corporate standards for authentication

XYPRO Confidential


16

Audit Data (Audits can be captured in up to 9 locations simultaneously)

User Authentication

Configuration Settings and

Authentication Rules

SAFEGUARD

USERID Information

OPEN LDAP

RADIUS

Active Directory

XYGATE User Authentication (XUA) XUA provides an extension to Safeguard to authenticate users based on pre-set rules that are applied on top of NonStop security settings

Users can now access NonStop servers through an industry SSO solution. The Authentication layer will trace the user to the associated NonStop userID for authentication

User activities can be monitored and audited

100% of NonStop’s Authentication Requests are handled through the User Authentication layer

NonStop Programs – TACL, OSS, FTP, ODBC, DSM/SCM, SSH, OSM and all others

• Each user gets single, unique logon with all & only those privileges needed to do their job

• Eliminates use of SUPER.SUPER (Master Logon) • Eliminates use of shared logons

• You have auditability for all users • for all actions (KEYSTROKE!) • for all process management • for logons, logoffs and program runs • for user location • for IP addresses

XYGATE Access Control (XAC)


• You have individual accountability • for actions performed from the keyboard • showing such items as user ID, terminal, date, time,

IP address, command input, command output

• Re-authentication of users for sensitive actions • inactivity time-outs • keyboard locking

XYGATE Process Control (XPC) • Grants process privileges • Ability to stop, suspend, altpri, activate and debug are

granted to the user ID



Audit Data (Audits can be captured in up

to 9 locations simultaneously)

Configuration Settings and Access Rules

ACCESS CONTROL

PC/Terminal

Access controls are set up and stored on the system

As users attempt to access system resources, their rights are queried and allowed or denied by the Access Control layer

User activities are monitored and audited including key strokes as desired.

NonStop Utility Programs

-TACL - OSS Shell - FUP - All Others


XYPRO www.xypro.com

[email protected] [email protected] [email protected]


http://www.xypro.com/�

mailto:[email protected]�




XYGATE products chosen for distribution by HP

Documents

Transcript of XYGATE products chosen for distribution by HP