1 / 22

BalaBit Shell Control Box

BalaBit Shell Control Box. New Concept for Privileged User Monitoring. Agenda. Market challenges. User Monitoring by BalaBit. Conclusion. BalaBit IT Security „ The syslog-ng company ”. 2011 revenue : $10.3 M (35% annual growth ) Number of employees: 120

inari
Download Presentation

BalaBit Shell Control Box

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. BalaBit Shell Control Box New Concept for Privileged User Monitoring

  2. Agenda Market challenges User Monitoring byBalaBit Conclusion

  3. BalaBit IT Security„The syslog-ngcompany” • 2011 revenue: $10.3 M (35% annualgrowth) • Number of employees: 120 • Number of customers - global: • commercial customers: 800 • open source users: 850.000 • 12 years experience in IT Security • Global partner network, 80+ partners in 30+ countries • Awarded to Deloitte Technology Fast 500 and Fast 50 Lists (2010)

  4. ExternalChallenges:Security Breaches

  5. ExternalChallenges:Compliance Pressureto Monitor Users

  6. InternalChallenges:Uncontrolled „Superuser” Access IT Staff UNLIMITED AND UNCONTROLLED ACCESS!!! SSH Outsourcing partners HTTP, Telnet Controllimitations of FWs RDP, VNC Managers Citrix • Firewall, • Network devices, • Databases, • Web/file servers, • Citrix server… VDI users Toocomplexenvironments

  7. InternalChallenges: „Superuser” Fraud Source: BalaBit IT professionals survey, 2011

  8. Logging is not enough… 1. Several security events are not logged! 2. Logs typically do not show what was done. 3. Logs often show only obscure techn. details.

  9. Key questions to answer…

  10. IT Staff Privileged Activity Monitoring by Shell Control Box Outsourcing partners SSH SSH HTTP, Telnet HTTP, Telnet Managers RDP, VNC RDP, VNC Citrix Citrix • Firewall, • Network devices, • Databases, • Web/file servers, • Citrix server… VDI users

  11. PrivilegedActivity Monitoring byBalaBit Shell ControlBox Shell Control Box (SCB) is an appliance that controls privileged access to remote systems and records the activities into searchable and re-playable movie-like audit trails.

  12. Authentication Security & compliance benefits: • Integration with user directories (AD, LDAP, etc.) • Shared account personalization • Strong, central authentication • Password mngmt • Independent auth. of SCB admins and auditors Key Benefit: ADDITIONAL AUTHENTICATION LAYER!

  13. Access Control Security & compliance benefits: • Central access control gateway • Multi-protocol support - SSH, RDP, VNC, Telnet, Citrix, etc. • Sub-channel control (e.g. file transfer) • Access by time policy • 4-eyes authorization • Real-time access monitoring Key Benefit: GRANULAR ACCESS POLICY ENFORCEMENT!

  14. Real-time alerting (& blocking) Security & compliance benefits: • Alerts for monitoring tools • Alerts for supervisors Comingin Q4 2012: • Terminates session if risky action • Risky actions are customizable (e.g. failed login, program execution, credit card number…) Key Benefit: IMMIDIATE REACTION ON CRITICAL EVENTS!

  15. Audit & Forensics Security & compliance benefits: • Real-time activity monitoring • Tamper-proof, HQ audit trails • Movie-like playback & search • File transfer audit • Independent, transparent audit device Key Benefit: INDEPENDENT TOOL FOR QUICK AUDITS & FORENSICS!

  16. Reporting Security & compliance benefits: • Activity reports (e.g. failed logins, admin commands, etc.) • Customizable reports • Advanced statistics • Compliance reports (PCI)(comingin Q4 2012!) Key Benefit: GRANULAR ACCESS REPORTS TO HELP COMPLIANCE!

  17. SCB in the Compliance & Security Environment • Alerts • Centralmgmt • Encryptedtrafficanalysis Systems Mgmt IDS • API: • integrationwith 3rd partyapplications • remotesearch and management SIEM / Log Mgmt PasswordMgmt • Exactnametogenericadminusers • Passwordmgnmt • Augmentedlogs • Better sec. investigations • Better Reporting

  18. Market drivers – Use cases

  19. References

  20. Licensing and Implementation • Hostbasedlicensing • Provided as applianceorvirtual image • Scalableup to 10TB for auditing „unlimimited” hosts • HA option • Implementation and training: 2-4 days • 7/24 vendor support (option)

  21. Conclusion Benefits for business • Faster ROI • Faster and higher quality audits • Lower troubleshooting and forensics costs • Centralized authentication & access control • Complete solution for user monitoring • Lower risk • Improved regulatory and industry compliance • Better employee/partner control • Improved accountability of staff • Bullet-proof evidence in legal proceedings

  22. Thank You!

More Related