Presentation is loading. Please wait.

Presentation is loading. Please wait.

BalaBit Shell Control Box New Concept for Privileged User Monitoring.

Similar presentations


Presentation on theme: "BalaBit Shell Control Box New Concept for Privileged User Monitoring."— Presentation transcript:

1 BalaBit Shell Control Box New Concept for Privileged User Monitoring

2 Agenda Market challenges User Monitoring by BalaBit Conclusion

3 BalaBit IT Security „ The syslog-ng company” 2011 revenue: $10.3 M (35% annual growth) Number of employees: 120 Number of customers - global: – commercial customers: 800 – open source users: years experience in IT Security Global partner network, 80+ partners in 30+ countries Awarded to Deloitte Technology Fast 500 and Fast 50 Lists (2010)

4 External Challenges: Security Breaches

5 External Challenges: Compliance Pressure to Monitor Users SOX → COBIT DS5.5 Security monitoring DS9.2 Config.changes DS11.6 Securing Data PCI-DSS Chapter 7, 8 Implement Strong Access Control Chapter 10 Audit Access to Cardholder Data Chapter 12 Maintain sec.policy for personnel ISO27002 A.10.2 Third-party service mngmnt A Monitoring user activities A.13.2 Mgmt of Security Incidents HIPAA, Basel II, GPG13… Similar requirements!

6 IT Staff Outsourcing partners Managers SSH RDP, VNC Citrix Firewall, Network devices, Databases, Web/file servers, Citrix server… VDI users HTTP, Telnet Internal Challenges: Uncontrolled „Superuser” Access UNLIMITED AND UNCONTROLLED ACCESS!!! Control limitations of FWs Too complex environments

7 Internal Challenges: „Superuser” Fraud Source: BalaBit IT professionals survey, 2011

8 Logging is not enough… 1. Several security events are not logged! 2. Logs typically do not show what was done. 3. Logs often show only obscure techn. details.

9 Key questions to answer… Can you ensure the accountability of your IT staff? Can you monitor the actions of your „superusers”? Can you reliably control your outsourcing partners? Do you really know „who access what” on servers? Can you conduct quick and cheap audits at your company? Can you present bullet-proof evidence in legal proceedings? Are you sure you’d pass audits concerning user monitoring?

10 IT Staff Outsourcing partners Managers SSH RDP, VNC Citrix RDP, VNC SSH Firewall, Network devices, Databases, Web/file servers, Citrix server… Privileged Activity Monitoring by Shell Control Box VDI users HTTP, Telnet

11 Privileged Activity Monitoring by BalaBit Shell Control Box Shell Control Box (SCB) is an appliance that controls privileged access to remote systems and records the activities into searchable and re-playable movie-like audit trails.

12 Authentication Security & compliance benefits: Integration with user directories (AD, LDAP, etc.) Shared account personalization Strong, central authentication Password mngmt Independent auth. of SCB admins and auditors Key Benefit: ADDITIONAL AUTHENTICATION LAYER!

13 Access Control Security & compliance benefits: Central access control gateway Multi-protocol support - SSH, RDP, VNC, Telnet, Citrix, etc. Sub-channel control (e.g. file transfer) Access by time policy 4-eyes authorization Real-time access monitoring Key Benefit: GRANULAR ACCESS POLICY ENFORCEMENT!

14 Real-time alerting (& blocking) Security & compliance benefits: Alerts for monitoring tools Alerts for supervisors Coming in Q4 2012: Terminates session if risky action Risky actions are customizable (e.g. failed login, program execution, credit card number…) Key Benefit: IMMIDIATE REACTION ON CRITICAL EVENTS!

15 Audit & Forensics Security & compliance benefits: Real-time activity monitoring Tamper-proof, HQ audit trails Movie-like playback & search File transfer audit Independent, transparent audit device Key Benefit: INDEPENDENT TOOL FOR QUICK AUDITS & FORENSICS!

16 Reporting Security & compliance benefits: Activity reports (e.g. failed logins, admin commands, etc.) Customizable reports Advanced statistics Compliance reports (PCI) (coming in Q4 2012!) Key Benefit: GRANULAR ACCESS REPORTS TO HELP COMPLIANCE!

17 SCB in the Compliance & Security Environment Exact name to generic admin users Password mgnmt Password Mgmt API: integration with 3rd party applications remote search and management Augmented logs Better sec. investigations Better Reporting SIEM / Log Mgmt Encrypted traffic analysis IDS Alerts Central mgmt Systems Mgmt

18 Market drivers – Use cases Compliance International standards Local legislationCompany policy Distrust Monitoring IT staff IT Outsource (SLA) control VDI user control Operational Efficiency Troubleshooting & Forensics Cloud services monitoring

19 References

20 Licensing and Implementation Host based licensing Provided as appliance or virtual image Scalable up to 10TB for auditing „unlimimited” hosts HA option Implementation and training: 2-4 days 7/24 vendor support (option)

21 Conclusion Benefits for business Faster ROI Faster and higher quality audits Lower troubleshooting and forensics costs Centralized authentication & access control Complete solution for user monitoring Faster ROI Faster and higher quality audits Lower troubleshooting and forensics costs Centralized authentication & access control Complete solution for user monitoring Lower risk Improved regulatory and industry compliance Better employee/partner control Improved accountability of staff Bullet-proof evidence in legal proceedings Lower risk Improved regulatory and industry compliance Better employee/partner control Improved accountability of staff Bullet-proof evidence in legal proceedings

22 Thank You!


Download ppt "BalaBit Shell Control Box New Concept for Privileged User Monitoring."

Similar presentations


Ads by Google