Symark, creator of the Power series covered in the past here on The Tech Herald, has this week announced PowerKeeper 3.0. PowerKeeper is an appliance that protects UNIX/Linux root, Windows Administrator, and other privileged accounts such as Cisco Enable. The new version now offers support for application-to-application (A2A) and application-to-database (A2DB) connections.
Symark releases PowerKeeper 3.0 - offers A2A and A2DB support. (IMG:J.Anderson)
According to key findings in a recent Gartner report by Research Vice President Ant Allan and Managing Vice President Ray Wagner, “Using passwords for application-to-application (A2A) and application-to-database (A2DB) authentication, with the passwords hard-coded in the calling application, gives rise to significant security risks. The need to periodically change such passwords gives rise to significant operational risks. Strategic authentication approaches can’t be simply retrofitted to all applications because the effort and time scale of such work would be prohibitive.
“Although organizations often have a more-robust strategic authentication approach, it’s seldom practicable to retrofit this to all applications. Wherever software-account passwords must remain, a software-account password management (SAPM) tool can mitigate security and operational risks.”
With the new A2A and A2DB support included in PowerKeeper 3.0, each application is protected by a certificate and a series of administrator-selected program factors to validate that the application requesting the credentials is approved to receive them and is executing in the proper context. This offers protection from unauthorized access to the credentials, even if an attacker tries to spoof the approved application requesting the credentials.
As with the other appliances in the Power Series, logging on PowerKeeper 3.0 is equally insane. It tracks and logs all password activity -- including requests and releases -- and creates a wicked audit trail from which various reports can be generated.
PowerKeeper 3.0 also utilizes the HP ProLiant DL360 G5 server, which includes beefed-up fault-tolerance functionality. As a mission-critical system, PowerKeeper must be continuously available. The appliance features several layers of redundancy to protect against failures, including implementing High-Availability Pairs, where a primary PowerKeeper appliance is paired with a replica so that if the primary appliance fails or becomes unavailable, the replica appliance will automatically take over all PowerKeeper functions.
PowerKeeper 3.0 is available now at a cost of $25,000 USD per appliance, which includes 100 licenses to manage 100 different systems with an unlimited number of users.
View blog reactions
There are currently no comments for this article. Be the first to comment! (no registration required)
Advertising
There are currently no comments for this article. Be the first to comment! (no registration required)