Welcome | Sign In
LinuxInsider.com
Network Security

New Utility Enforces Policies Across Linux, Unix and Windows Networks

Print Version
E-Mail Article
Reprints
New Utility Enforces Policies Across Linux, Unix and Windows Networks

By Jack M. Germain
LinuxInsider
04/01/08 1:00 AM PT

Symark's new PowerAdvantage utility allows system administrators to centralize their authentication, authorization and access management across Windows, Unix and Linux networks. It provides cross-platform unified log-in -- users can have a single log-in and password for all Unix, Linux and Windows machines. This eliminates the need to establish separate access credentials for each system.


Symark International on Tuesday released PowerADvantage, an integrated authentication and configuration tool that extends features of Microsoft (Nasdaq: MSFT) Windows' Active Directory to networks also running Unix and Linux systems.

PowerAdvantage adds centralized authentication, authorization and account access functionality to Unix and Linux systems. It's also designed to bolster policy enforcement and infrastructure management functionality in the two non-Windows operating systems.

Among the chief benefits of PowerADvantage are the reduction in administration costs and security improvement, according to Symark. The new software also helps system administrators meet regulatory compliance efforts by centrally managing user identifications, authentication, security policies and automatic deployment of configuration settings across heterogeneous Unix and Linux environments.

"Why introduce this product now? The enterprise world is now ready to trim costs and make their networks more secure. Compliance laws now make it imperative to deal Increase Customer Sales with Email Marketing -- Free Trial from VerticalResponse with situations such as five different user names for each worker needing access to Windows, Unix and Linux systems on the network," Ellen Libenson, vice president of product marketing Download Free eBook - The Edge of Success: 9 Building Blocks to Double Your Sales of Symark International, told LinuxInsider.

How It Works

PowerADvantage places an agent on Unix and Linux machines that communicates with Active Directory's domain controllers. During the installation of the PowerADvantage agent, the Unix or Linux host is joined to the domain.

Then the host is configured to route authentication requests through the PowerADvantage agent. This allows the PowerADvantage agent to communicate with the Active Directory domain controllers to process authentication requests and access the Group Policy Objects used for configuration management.

After installation, the computer object for each Unix and Linux host can be moved to different organizational units in the Active Directory hierarchy, changing which set of Group Policy Objects apply to that host. The PowerADvantage Context of each host can also be changed, which will immediately change the log-in configuration for all Active Directory-based users logging in to that host.

Both of these changes can be performed without rebooting the host or restarting the PowerADvantage agent. Additionally, the PowerADvantage agent is configured by Group Policy. Thus, any changes in the configuration of the agents can be performed through Group Policy without the need to visit each individual host.

"The context feature in PowerADvantage can map to each user environment that has different user names for each system," Jeff Nielsen, senior product manager of Symark International, told LinuxInsider.

Key Features

PowerADvantage provides cross-platform unified log-in -- users can have a single log-in and password for all Unix, Linux and Windows machines. This eliminates the need to establish separate access credentials for each system and in turn increases efficiency and boosts productivity for end users while reducing calls to the help desk related to misplaced passwords, Symark said.

Easy installation allows system administrators to deploy the product quickly without making any irreversible changes to the Active Directory schema. The agent installation process eliminates complex, time-consuming configuration changes. Additionally, PowerADvantage's intelligent import wizard streamlines and simplifies the importing and mapping of current Unix and Linux user information directly into Active Directory.

PowerADvantage provides corporate officials with detailed compliance reports. These help ensure that all activities performed on Unix and Linux systems are written to the proper Active Directory logs. It produces audit reports required by Sarbanes-Oxley, the Payment Card Industry Data Security Standard, and the Health Insurance Portability and Accountability Act, providing a comprehensive trail for auditors. This simplifies the compliance process and reduces overall audit costs, said Symark, and it allows for the more rapid discovery of anomalies as part of a sound security posture.

"An essential advantage is the ability to disable access of former employees from one spot to each account. Administrators don't have to worry about orphaned access," Nielson explained.

Reduced Overhead

Comprehensive centralized storage keeps all user and group information within Active Directory. This reduces infrastructure costs by eliminating redundant identity stores, including legacy directories, unsecured network information system servers and locally managed files. Storing information within Active Directory, along with integrated use of existing Windows administration tools, enables IT managers to utilize applications with familiar interfaces.

This eliminates the need to license third-party synchronization products or to build and maintain in-house solutions. Operations, training and processes for provisioning, account maintenance and other administrative tasks are streamlined by standardizing on a single set of Active Directory-based tools.

Standalone or Integrated

"PowerADvantage is a standalone product, but it can be added onto PowerBroker," said Nielson.

PowerBroker provides Unix and Linux workstations and networks with increased security and accountability by delegating administrative privileges and granting selective access to corporate resources without disclosing the root password. This reduces the risk of accidental damage and the threat of malicious activities.

This integration with Symark's PowerBroker enhances security and compliance efforts by facilitating efficient management of both end-user and administrator account access from Active Directory while controlling access and tasks performed using the root account, he said.

Using either custom-created administrative templates or those provided by PowerADvantage, administrators create configuration settings that are automatically stored in Active Directory. This facilitates the rapid automatic deployment and maintenance of configuration settings across a large number of hosts, reducing administrative time and cost.

These policies are reapplied to each host based on a predetermined interval. The feature insures that any unapproved changes to the configuration items maintained by PowerADvantage will be reset back to the approved settings at the next policy refresh interval.

PowerADvantage is available for both server and work station pricing, according to Libenson.

For server installations the product costs US$290 per server. For workstation installations the product costs $45 per station.

Print Version E-Mail Article Reprints More by Jack M. Germain

Talkback: Be the first to comment on this story.

More by Jack M. Germain

Yahoo Lets FOSS Community Drive Its Traffic Server
November 04, 2009
Yahoo Traffic Server is an app server for builders of cloud services. The software package enables session management, authentication, configuration management, load balancing and routing for an entire cloud computing stack. Yahoo has now open sourced a version of the application through Apache. 		Is AES Encryption Crackable?
November 03, 2009
A team of researchers has discovered what they think could be a flaw that leaves AES encryption open to attack. The technique has only been shown in a theoretical setting; in practice, such a hack would be very difficult to pull off. Still, such a finding could bring into question the faith that's been placed in AES -- and spur new innovation to make encryption even better. 		Windows 7 Is a Snooze
October 29, 2009
It's accurate to say that Windows 7 straightens out some of the problems with Vista. Aside from that, though, there aren't a whole lot of standout reasons to upgrade to the new OS, especially if you're currently on XP or you honestly don't mind Vista. The new features that are present aren't quite worth the trouble to learn how to use, and if you happen to have even slightly old equipment, forget about it.
Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]
Shortcuts
> Get Business and Technology News Alerts
> Most Popular | Spotlight Features | Exclusives
> This Week on ECT News Network | Podcasts
> WiFi Hotspot Locator
> Inside LinuxInsider
LinuxInsider
E-Commerce Times
TechNewsWorld
MacNewsWorld
CRM Buyer
Today's LinuxInsider Sponsors
Avaya Aura™
Save up to 40% on calling costs with Avaya Aura™
Entrust Extended Validation SSL
Entrust EV SSL certificates -- "go green" for less. Now from only $199 per year.
Trend Micro Smart Protection Network(TM)
Lower your content security management costs by up to 40%.
ECT News Network Information
Reader Services
Corporate
ECT News Network
Terms of Service | Privacy Policy | How To Advertise
Copyright 1998-2009 ECT News Network, Inc. All Rights Reserved.