[HOME]           [About Us]           [[Products]]           [News]           [Contact Us]                                                                  [Site Map]

 

 

 

Overview

MatchLogon GINA

MatchLogon Server

SAP/R3 Integration

Technologies Supported

Authentication Scenarios

 

[Auditing & Admin]

 

Procedure

Problems with Passwords

Why fingerprinting?

Sequential What?

Behind the scenes

System Requirements

 

Auditing and Administration

 

It is well know that "insider attacks" can be the biggest threat to security. According to many security specialists, about 80% of all cases of unauthorized access within a company intranet is carried out by an "insider" - an employee who has been granted the appropriate access rights. The problems occur in many organizations; even when adequate data protection and security services have been implemented. The security infrastructure may be designed to provide the level of protection you want, yet it must be controlled by administrators, who must be granted certain privileged rights. Without adequate auditing capabilities this may lead to serious security breaches.

 

To counteract these potential problems, MatchLogon's Audit Services provide unprecedented data protection levels that are independent of the rights of administrators and individual users. Audit Services eliminate the possibility of privileged employees or violators covering their traces of accessing and/or modifying protected data or by-passing the security system. The following are some specific aspects of a MatcHLogon security system that enable such auditing measures:

 

· Secure ID cards and the use of biometrics to authenticate users make it very difficult for users to perform actions anonymously or impersonate another user. It's also very hard to forge or get into possession of another user's ID-token or biometrics.

·  All security events throughout the system (logons, account and credentials modifications, security policies changes, etc) are logged into several journaling servers simultaneously and independently. Physical and logical access to such servers is usually restricted to a special group of people - auditors. Auditors are independent of administrators or other privileged users.

·  MatchLogon journaling services will uncover any malicious attempts to break into the system even if the attacker tries to cover-up or undo the changes. It doesn't matter whether the attacker is a regular user, privileged user or an Enterprise Administrator - all security events are logged on journal servers.

 

MatchLogon extends the User Manager application provided by Windows: Active Directory Users & Computers (ADUC) snap-in. MatchLogon adds a new property page "MatchLogon" to the existing user profile dialog. This allows network administrators centralized access to MatchLogon functionality from anywhere within the Active Directory forest, and through the applications and access points native to Windows.

 

MatchLogon property page integrated into ADUC - User Properties dialog

 

MatchLogon User Viewer

MatchLogon provides an additional MatchLogon User Viewer MMC console intended to provide system administrators with the capability of listing all domain users and viewing their MatchLogon specific properties. The MatchLogon User Viewer console can also be useful to security officers by enabling them to identify which employees are not MatchLogon users yet, which are MatchLogon enabled but have not enrolled their authenticators yet and which are already MatchLogon users.

 

All of the data that the MatchLogon User Viewer console displays can be sorted or exported for analysis in more powerful report writing applications such as Microsoft Excel or Crystal Reports.

 

Policies

MatchLogon policies allow the administrator to customize how MatchLogon operates and interacts. Many policies determine authentication and security requirements. Using MatchLogon policies, the overall security of the system can be increased or decreased to support various security and user requirements.

 

Audit

Audit refers to the process of logging and/or recording events. Events in MatchLogon typically take on the form of a user ("SomeUser") who succeeded or failed to do "something". MatchLogon audit trails or logs enable administrators to see which system resources were or are being accessed, by whom, and from what workstation.

 

There are numerous benefits to having audit trails available. Chief among those benefits is the ability of the network/domain administrator to identify problems, possible security breaches, and to view the status of the domain.

 

In order to support Windows functionality and integration requirements, MatchLogon leverages the native Windows Event Viewer sub-system to report all events. It extends the standard Event categories to include a MatchLogon specific node.

 

MatchLogon provides a powerful mechanism for multi-centralized auditing. By specifying the names of the audit servers, administrators and security departments can access different views of system events and use the native Windows Event Viewer to control the health of the system.

 

Jump to other product categories:

[V-STARS]     [coatings]     [infotech]     [cryogenics]     [machined components]     [consulting]

 

                                                                                                                                                                                                                                                Copyright © 2007 DNP Global