Presentation is loading. Please wait.

Presentation is loading. Please wait.

Random Password Manager Centralized scalable password management security and recovery Joe Vachon Sales Engineer.

Published byGeorge Trusler Modified over 9 years ago

Similar presentations

Presentation on theme: "Random Password Manager Centralized scalable password management security and recovery Joe Vachon Sales Engineer."— Presentation transcript:

1 Random Password Manager Centralized scalable password management security and recovery Joe Vachon Sales Engineer

2 The Problem: Common Account Credentials Most organizations deploy servers and workstations with identical local account credentials If even one local password is cracked an unauthorized user can gain peer-level access throughout the network Compromises IT assets, disrupts business continuity, causes non-compliance with security best practices and regulatory standards “One of the neglected security holes in a Windows network is the local administrator password for your users’ desktop machines. Many organizations synchronize these, so that the same password can be used for each.” Dave Kearns Editor, Network World

3 The Solution: Unique Account Credentials Regularly deploying unique account credentials on each machine prevents one compromised system from threatening the entire network Manually randomizing passwords on every system is impractical Scripting limitations – no logging, no documentation, difficult to update, maintain, support

4 Random Password Manager Periodically randomizes local administrator and root account passwords throughout the enterprise, including firecall accounts Centrally managed, randomization conducted according to schedules established by IT Multi-threaded, SQL server-based application that deploys without installing agents to client systems or requiring additional hardware Supports Windows NT, 2000, XP, Server 2003, Vista, Server 2008, and Linux, UNIX, SQL Server, Cisco IOS devices Certified for Microsoft Windows Vista

5 Requirements Windows 2000, XP, Server 2003, Vista, Server 2008 Administrative rights over host machine and target machines NetBIOS over TCP/IP (ports 137-139 or 445) for Windows management Port 22-SSH for Linux\Unix management Port 135-Automated installation of password recovery website SQL 2000\SQL Express\MSDE IIS 5.0 or later\Personal Web Server Active Server Pages enabled COM identity-domain account with admin rights on web server and access to the SQL database SSL certificate recommended

6 Win32 Application Demonstration

7 Win32 Review Create groups of machines Populate groups with machines Select machines you wish to include in a password change job Schedule password change job Delegate remote secure recovery of passwords in your machine groups to user entities

8 Password Creation/Encryption Passwords can be controlled for length, complexity, special characters Passwords stored in SQL relational database, can be clustered and replicated Data secured using AES-256 bit encryption

9 Demonstration Web Application

10 Password Recovery Local passwords recovered on demand by delegated users for routine systems management tasks Controls who can recover passwords and how long they remain active (2 hours by default) Passwords automatically randomized after temporary period expires Periodic password verification checks that random passwords still work on each machine “The product randomizes passwords for each machine and allows non-privileged users to gain temporary access through a web portal for essential jobs.” Ericka Chickowski Editor, SC Magazine

11 Password Vault Proliferation of passwords leads to frequently lost or forgotten passwords Insecure or inadequate solutions – writing passwords down, automatically logging in all users, Single Sign-On Password Vault allows users to securely store all passwords in AES encrypted database Delegated users can retrieve own passwords through secure web interface “The Password Vault module enables administrative users who forget their credentials and cannot access a system or application to quickly retrieve their own passwords through the Web interface…” Dave Kearns Editor, Network World

12 Logging All password randomizations, verifications, and recoveries, as well as program logons, are logged into relational database Information can be sorted and extracted to CSV files Logs can be provided to security auditors to prove compliance with Sarbanes-Oxley, HIPAA, PCI, and other regulatory standards …government regulations such as SOX, HIPAA, and PCI with their requirements for companies to keep tabs on who does what on their systems, are prompting more interest in Random Password Manager from companies in every industry.” Renee Munshi Senior Editor, Windows IT Pro

13 Licensing & Availability Licensed by managed system Academic, GSA, non-profit, and volume discounts available No separate server/workstation pricing Available now Free, fully functional evaluation for download now from http://www.liebsoft.comhttp://www.liebsoft.com

14 Conclusion Questions? Joe Vachon Sales Engineer joe@liebsoft.com 800-829-6263

Download ppt "Random Password Manager Centralized scalable password management security and recovery Joe Vachon Sales Engineer."

Similar presentations

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.
Chapter 20 Oracle Secure Backup.

Chapter 20 Oracle Secure Backup.
Privileged Identity Management ISV Partner Alliance Value.

Privileged Identity Management ISV Partner Alliance Value.
Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.

Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.
Privileged Identity Management Enterprise Password Vault

Privileged Identity Management Enterprise Password Vault
Audit Issues regarding Passwords on Elevated Privilege Accounts Gene Scheckel Global Internal Audit.

Audit Issues regarding Passwords on Elevated Privilege Accounts Gene Scheckel Global Internal Audit.
Planning Server Deployments

Planning Server Deployments
WSUS Presented by: Nada Abdullah Ahmed.

WSUS Presented by: Nada Abdullah Ahmed.
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Managing User Settings with Group Policy

Managing User Settings with Group Policy
Understand Virtualized Clients 10753 Windows Operating System Fundamentals LESSON 2.4.

Understand Virtualized Clients Windows Operating System Fundamentals LESSON 2.4.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
1 Chapter 1 Introduction to Windows Server 2003. 2 Two main goals for Net Admin Make network resources available to users Files, folders, printers, etc.

1 Chapter 1 Introduction to Windows Server Two main goals for Net Admin Make network resources available to users Files, folders, printers, etc.
Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Microsoft ® Application Virtualization 4.5 Infrastructure Planning and Design Series.

Microsoft ® Application Virtualization 4.5 Infrastructure Planning and Design Series.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
VMware vCenter Server Module 4.

VMware vCenter Server Module 4.
Account Reset Console Delegated and secure self password resets Joe Vachon Sales Engineer.

Account Reset Console Delegated and secure self password resets Joe Vachon Sales Engineer.

Similar presentations

Ads by Google