S A T - Control Stage by Novasys srl

The SATCS® module is a security software that enables the user administration in a strict and detailed. It is ideal for handling emergency and critical users, segregation of duties and audit servers.

SATCS® manages all client users who want to have a special deal on your password policy. All these critical users changes their password on any platform without the need for agents or special attributes on the platform.

It also offers a suite of tools through which the controlled system users leave traces of his session, so SATCS® helps us comply with current regulations requiring control who accesses critics, When and What users blocks them.

Controlled Users are those existing in some team supported by our system is chosen to be controlled by SATCS® platforms. Maximum protection for the actions of privileged users, be achieved if ALL critical users of each team are under the control of SATCS®.

Once defined the Managed Users will be allocated virtual visions of them (call them envelopes to facilitate the description as it is the diagram used in manual control processes Passwords). Controlled users are those that the customer decides to put under the protection of SATCS®, not being required to meet the condition of being a user with special privileges.

Using the philosophy of the control system on, SATCS® combines the characteristics of users of emergency (User Controlled) in a single repository, allowing policy changes and assign password complexity. Once defined the Managed Users will be assigned the same virtual visions (Envelopes).

There are different types of envelopes according to the actions required to do with the credentials of user controlled. They are divided into three types:

Standart Envelops:

When using these envelopes delivery system is password controlled user.

Protect Envelops:

When using these envelopes is the system opens an interface without revealing the password and user controlled logeando any activity in this session.

Envelopes of segregation of duties:

When using these envelopes is the system performs an action with the credentials of user controlled (Connecting to a group, Restart a service, run applications, etc.)

SAT® runs regular checks on sensitive defined or controlled systems of different users, configuration files. All these actions are notified by email to the Directors and Deputy Directors of SAT®.

KEY FEATURES

COST REDUCTION

· Automation of administrative tasks.
· Elimination of costs associated with the old manual process envelopes.
· Controls and automatic password changes.
· Failure to use agents allows quick and without incurring overhead in deployment platforms.
· Optimization of time and resources to an audit

FLEXIBLE ADMINISTRATION

·Pre-defined Roles Administrator, Deputy Administrator and Auditor. ·Automatic Controls and generating predefined reports. · Dashboard for viewing system status.

USER ACTIVITY LOG

·The user activity is logeada emergency in the system.
·Client SSH / Telnet.
·Client Terminal Server.
·Copies SCP client.

(MINIMUM) SYSTEM REQUIREMENTS

·Windows 2000 Server
·Internet Information Server 5.0
·Net Framework 2.0
·Microsoft SQL 2000
·Clients: Internet Explorer 6.0

SUPPORTED PLATFORMS

·Sun Solaris / AIX / HP-UX / Linux.
·AS/400.
·Z / OS.
·Z / VM.
·Tandem.
·MS SQL / Oracle.
·Router / Firewall / Switch.
·Windows 2000/XP/2003/Vista.
·Windows Services.
·Active Directory.

SECURITY AND INTEGRITY OF INFORMATION

·Sensitive information is encrypted with 256-bit AES.
·Compatible with replication services database.
·Files encrypted contingency. Emergency Module.
·Server License contingency.

3 EASY QUESTIONS

HOW TO MANAGE ?

Privileged users are generic user accounts used by different people over time. Therefore identifying who performs an activity is difficult to record. This is why it should be treated differently, access to these accounts must be controlled and planned. From the top of a password SATCS® identity is protected by the system of rotation giving treatment and insurance.
The storage of these passwords is protected by SATCS® using data encryption and monitoring the unauthorized accesses to the database.

HOW TO CONTROL ?

Once an identity SATCS® controls access to it you must meet authorization flow therefore can record who made ??use of an identity and who authorized it.
Using the logging can log all session activity established privileged identity in real time and in the repository SATCS controlled and protected. This way you can track not only of the application of the respective identity and authorization flow but also the activity of identifying each session with it even when two or more people access the same identity while.

HOW TO DELEGATE AND SPEED UP ?

There are many activities that are repetitive and simple realization that unqualified personnel delegate to pose a great risk from the point of view of security, among these tasks can name unlock accounts, assigning passwords, bakcups execution, restart services, etc .
Using SATCS® can delegate activity while minimizing the risks, since the tool provides a controlled environment that allows unqualified personnel execute only actions that have allowed keeping detailed records.

MORE INFO ABOUT SAT

LOG SESSION

APLICATIONS

MULTIPLE PLATFORMS

CONTINGENCY

Access to Windows Applications.
This functionality is complex and the aim is to provide a form of access control with users of client applications in Windows.

The device consists of tools to define the routines that will be executed by SATCS at the time of access to Windows applications, this being a way to manage usage without allowing the user to view the password and making log of everything that takes place in application. This facility allows a strict control of that user as it has all the information of what has been done, and we make sure that no other accesses to the same user as the password without SATCS® keep communicating. Additionally, this module allows us that in case that the application will allow, password management automatically. Words were changed and updated as often and the formats are defined to comply with the recommended safety standards.

The following are features of this device:

There are 2 versions, one complete and the other basic, the difference is the number of applications that each can handle. Full exceeds the ability to handle different access 200 Scripts. The Basic not allowed to drive more than 15 scripts. The base can be expanded over time.
·The amount of controlled users will be deducted from the amount of licensed users in SATCS®.
·No agent is required to use this module.
·The generation of hits for new applications can be organized using the service module support.
·Novasys can quote arming access routines.
·The safety device is the same referred to SATCS®.

With the installation of this device, which must be prepared at the factory, SATCS product can handle multiple instances. An Instance is a complete set of functional components SATCS® be installed on the same server, you can replicate 100% of the functionality of SATCS® in an extra set of user controlled.

·It is ideal for managing several companies independently with a single product installation SAT.
·Instances maintain all the same code level. Conditions require the definition of trust in communications.
·The team should be evaluated by Novasys and require expansion as additional instances are installed.
·Enabling new instances is performed by the client Novasys to hire her.
·Reports are kept separate for instance.
·All installed instances share the maximum number of users to handle controlled.

For those customers who so desire, may directly acquire the routines used by the management module access to applications already developed.
Among the available SAP, Oracle and SQL Management Studio.

There are situations in which several groups have need for some users to access more than one SAT. For example a company Maintenance Systems must access various facilities.

The user will be defined in each SAT and also on the HUB.
When the user accesses the Hub, is validated as defined and then used a page where all the access that you can use is. Clicking on hits allowed, will connect and start a session with the SAT defined for that user. Some definitions of trust relationship between SAT control environments are required to allow interaction between them. From the Hub reports only users defined to access is obtained.

Stage SAT Control, through its ILT (Identity Logging Tools) interface records all activity in real time by the privileged user on the platform to which it is connected. Depending on the platform, the log is guarded in text or graphic format for further analysis if necessary. These tools (ILT) enable register multiple sessions of the same privileged user and store each log independently ensuring the identification of each session separately.

Using ILT (Identity Logging Tools), Stage SAT Control allows you to run any Windows application installed on the PC from which you access with the credentials of a user controlled by SAT and record the activity in the application and its processes without interfering with other applications that are running on the user's PC.

This facility allows for example to run the SQL Manager, connect to the SQL Server engine safely and record all activity. This way you can keep track not only of computers and operating systems but also business applications without the need to use special connectors or agents.

Stage SAT Control is designed to allow different contingency scenarios, ensuring operational capability of the product and to protect data against any eventuality. To this emergency tools that allow access to sensitive data anytime and anywhere without the need for access to the database is provided.

Moreover, using contingency license may define high availability services, consistent with the core technology to ensure business continuity.