eTrust Policy Compliance
Facilitates Centralized Management of a Distributed Network
eTrust Policy Compliance provides host-based vulnerability scanning, policy audits and compliance
assessments that protect against unauthorized usage, preventing jeopardy to data
delivery or compromise of information. With eTrust Policy Compliance,
organizations can more easily secure their heterogeneous environments,
particularly when assessing security on Windows NT/2000, Linux, UNIX and VMS;
on applications such as Oracle, Sybase, MS SQL Server and Apache; and on other eTrust
products. eTrust Policy Compliance is an integral part of the
comprehensive eTrust family of security solutions. It delivers enhanced
functionality to help organizations:
• Identify potential weak points in security policies.
• Generate appropriate corrections through an automated fix capability.
• Prevent problem recurrence by constantly monitoring systems.

How eTrust Policy Compliance Works
The eTrust Policy Compliance methodology is based on
components that enable users to centrally manage individual systems or a
distributed network of systems. From a central Windows 98, Windows Me, Windows
NT or Windows 2000 workstation, the security status of multiple UNIX, Linux,
OpenVMS, Windows NT and Windows 2000 systems on the network can be
simultaneously assessed. If any system has a security concern, a detailed
security audit and policy review can be performed to identify the problem.
Identified problems are then analyzed and corrected. eTrust Policy Compliance
enables users to manage by exception. Using the product’s monitoring facility
saves time and resources, since users only have to look for deviations
from baseline security policy models.
The following diagram shows this proven
methodology, which results in the highest level of security for all systems
while minimizing the effort and resources required to attain it.

eTrust Policy Compliance Architecture
The eTrust Policy Compliance architecture facilitates easy centralized management of a distributed network. It consists of an agent component and a client manager.
1. The Agent Component
Each system to be audited, analyzed and monitored runs an eTrust Policy Compliance agent. When the agent receives a request from an eTrust Policy Compliance client, it gathers information about the operating system and database security status and returns it to the client. Each agent is specifically designed for the platform on which it operates.
2. The Client Component
By residing on a central system, the client component acts as a single point
of control, so there is no need to be concerned about different operating systems
or versions existing on the network. Once information is requested from
one or more systems, the client sends the requests to all the relevant
systems on the network. Each agent then generates the requested reports, which
are sent back to the client for further handling. In most configurations, an
agent can also be run on the same host as the client so that the security of
that system can be managed and monitored as well.
The client manager provides both a graphical user interface and a command line interface. Either can be used to build models or batch processes and to report interactively. In addition, reports can be scheduled to run whenever it is most convenient, enabling easier remote system monitoring.
The following diagram shows how the agents and the client manager work together to uncover problem areas across the IT infrastructure, as well as correct them to eliminate exposure to potential intrusion.

Distinctive Features
Dynamic Vulnerability Web Update.
New security vulnerabilities are being discovered daily. Waiting for traditional product release cycles to check for these vulnerabilities exposes organizations to significant risks. The eTrust Policy Compliance web update provides the latest checks available for these new vulnerabilities. In addition, it provides easy access to up-to-date security checks so the latest known and exploited security holes can be identified—reducing exposure to hackers.

Convenient Mass Deployment With Silent Install.
eTrust Policy Compliance offers a way to create a silent installation file, enabling administrators to deploy volume installations across the entire distributed system—saving valuable time and resources.

Automated Fix Capabilities.
eTrust Policy Compliance provides a quick and accurate fix capability that can be easily executed directly from the audit result display to instantly reduce security exposures. With the automated fix, the administrator can streamline the fix process and immediately correct identified security weaknesses and abnormalities.

Enhanced Reporting Capability.
eTrust Policy Compliance provides informative, easy-to-understand audit reports on the system’s current security status. These reports are easily exportable to other reporting mechanisms.

Security Audit Information Protection.
All security audit information is encrypted for protection when it crosses the network—ensuring the integrity and confidentiality of the message.

Security Policies Maintenance.
Administrators can rely on eTrust Policy Compliance to build a snapshot of their security configuration to ensure that their “ideal” baseline is maintained.

Security Breach Prevention.
eTrust Policy Compliance isolates the files and directories that lack proper access control or protection.

Flexibility.
Customization facilities enable the use of third-party monitoring and special report designs. In addition, eTrust Policy Compliance works with other eTrust products and Unicenter® solutions for a total security solution.

System Resource Containment.
eTrust Policy Compliance does not require dedicated resources since it only consumes CPU resources when it actually performs an audit.