 
The management of administrative account passwords such as ‘root,’ ‘administrator,’ ‘sa,’ and ‘enable’ is a problem that has existed since distributed systems made their way into business environments.The management and control of shared / privileged account passwords of all type is a demanding security and compliance concern for today’s enterprise. Internally developed solutions such as, safe/envelope, encrypted spreadsheets and databases are unable to meet the audit demands driven by SOX, PCI, HIPAA, GLBA, Basel II and others.
Appliance Overview:e-DMZ Security’s Password Auto Repository (PAR) is a purpose built appliance designed to deliver the security and trust demanded when deploying our Total Privileged Access Management (TPAM) suite.TPAM Integration: As an integrated secure appliance, PAR is delivered with the TPAM Privileged Password Management (PPM) and Application Password Management (APM) modules enabled. The base appliance is “out of the box” ready to deliver the privileged password management features and functions detailed in the PPM and APM brochure (see brochures for details). As a purpose built, client/agent-less appliance, there is no additional software required for deployment. As a secure host for the TPAM Suite, the additional Privileged Session Management (PSM) and Privileged Command Management (PCM) modules can be license enabled to extend the capabilities of Password Auto Repository (PAR). e-DMZ Award winning BEST Password Auto Repository (PAR) was specifically designed to provide a commercial solution to the problem of shared password management. Designed in a purpose build appliance form factor, Password Auto Repository addresses the best storage, release, update, and auditing of administrative passwords. Solution's provided by e-dmz PAR (Password Auto Repository) :
Winner of SC Magazine’s Readers’ Trust Award as BEST Account and Password Management and Identity Management solution, PAR is the choice of companies of all sizes from SME to the world’s largest enterprises including 4 of the top 7 Forbes ranked Banks!Delivered as a purpose built hardened appliance with no agent software or 3rd party software/hardware needed to deploy —Password Auto Repository can be installed and running within one day delivering an immediate ROI.
Management of Shared Privileged Account introduce solutions rather than management of single user Account and Password. . |
Security Enhancements
| Enhancement: | Value: |
|---|---|
| No Console and/or Console Access. Only access is via associated “role based” secure web interface(s). | With no console port and/or console level access PAR is not open to any host admin attacks, OS, database or other system level modifications |
| Embedded Hardware Firewall | With an embedded hardware firewall PCI card, the PAR appliance is protected against external network based attacks. The firewall also provides additional auditing. |
| Encryption for Stored Passwords | All passwords generated and stored are AES-256 encrypted via RSA B-Safe AES-256 algorithm. |
| Full Hard Drive Encryption | The entire hard drive of the PAR appliance is encrypted using GuardianEdge Hard Disk Encryption (AES-256). |
| Secure Communication | User connections are secured via https/SSLv3. Initial certificate is signed by e-DMZ and can be replaced with customer specific certificate. Programmatic (CLI/API)communication is via SSH2, AES256 via DSS asymmetric keys. |
| Database Security | Communication between the role-based web application and the underlying database only allow stored procedures to be called from the application. No ad-hoc SQL is allowed. Authentication checks are done on each stored procedure call. |
| Application Security | Segregation of duties is enforced through the Role Based Access Control (RBAC) designed into the application. |
©2004-2010 Aspirant InfoTech Pvt Ltd. All rights reserved.