NetVision Solution for Novell eDirectory on Linux
Are you running Novell eDirectory on Linux to power your network? If so, security across your network is primarily managed via the objects and attributes contained within eDirectory. Improving the security of eDirectory and responding to external and internal audits of your eDirectory infrastructure are likely at the top of your administrative concerns. And NetVision can help make those goals easier to reach.
The Challenge with eDirectory Administration
Administrators leverage eDirectory security groups to grant or deny access to various network resources. And because eDirectory has such a far reach throughout organizations, there are a number of common security concerns:
- Technical staff needs to have full rights throughout the network in order to effectively manage the environment, but some information should be protected from technical staff.
- Multiple technical staff members don't know what each other is doing.
- It's difficult to manage a historical view of changes to user accounts or group memberships.
- There's no understanding of dormant or unused accounts, or when inappropriate rights are granted.
Managing eDirectory in a dynamic organization can be a complicated task. And due to eDirectory's architectural design and commonly used security policies, there are some basic security risks that most eDirectory implementations share. In a sentence,
Administrators have too much control and there's no system of checks and balances.
Fortunately, NetVision solves these problems with simple and effective solutions that are quick to implement, easy to use, and significantly reduce organizational risk.
Solutions for eDirectory Reporting & Monitoring
Although it's unpleasant to get the support calls when an inappropriate change is made, the more alarming question is what if they didn't call? How confident are you that user accounts throughout the eDirectory tree aren't in inappropriate groups? Or that there are no accounts left from previous employees or associates? Or that people aren't accessing files that they shouldn't be?
NetVision's solutions for Novell eDirectory make life easier for administrators while making the environment more secure for executive management and the rest of the organization.
We do that by providing real-time monitoring of changes to user accounts, group memberships, and more.
Here are a few examples of what we can do:
- Monitor eDirectory user accounts for create, delete, modify and move events. Capture the user account being used along with the affected user, time and date.
- Monitor logon and logoff activity, including failed logon attempts.
- Monitor ACL changes to any object in the tree.
- Monitor password changes.
- Report on user security equivalence.
- Monitor failed logon attempts and user lockout events.
- Monitor group memberships and provide reports or alerts in real time when memberships change on important groups.
- Provide a report of dormant or inactive accounts so that administrators or management can review and take action as appropriate.
- Provide email alerts in real time when corporate policy is subverted.
- Report on password and login restrictions.
- Report on explicit rights to container and server objects.
NetVision provides these capabilities along with the industry's best solution for fine-grained filtering of event information. You don't have to store every event that happens within eDirectory. You can filter the events that are processed by event type, perpetrator, object type, specific objects or attributes, server, and more. The result is a highly contextual set of data that is extremely relevant to your business needs.
eDirectory Real-Time Monitoring with NetVision NVMonitor
NVMonitor automates real-time security event auditing and monitoring on Novell eDirectory running on Linux. By comparing events to policy in real time, it serves as a centralized platform for auditing of identity-related security controls, user behavior and the power granted to users on the network. It also enables independent event sampling, forensics, real-time response to serious security violations and detection of transient activity. The end result is reduced costs, improved audit integrity and increased security.
NVMonitor Features
- Policy Templates – NetVision supplies templates based on industry expertise, customer feedback, and the ISO 27002 security framework.
- Real-time – With the use of patented agent technology, NVMonitor can pick up events as they happen.
- Alerting – When policy violations occur, alerts can be sent with the information needed.
- Extensibility – Call other applications and processes to further filter data and perform actions.
- Flexible Data Management – Event data can be recorded in a file, sent to a database for future reporting or used for immediate alerts.
- File System Monitoring – Keep an eye on sensitive data that is widely available by watching for access or changes to files and folders.
- Directory Object Monitoring – Actively monitor, alert, and report on changes to user objects, account status, group memberships or virtually any combination of objects and attributes.
Novell eDirectory Assessment Reporting with NetVision NVAssess
NVAssess automates periodic security audits of eDirectory by comparing the actual information stored within eDirectory to organizational security policies. User provisioning, role management, access control, password management and other identity management processes can all be automatically audited from a single, unified console. NVAssess reports analyze passwords, access history, group memberships, system configurations, and a range of other identity variables. By auditing actual identity information stored within eDirectory – rather than the individual systems (provisioning, etc.) and applications (SAP, etc.) designed to control those values – NVAssess reduces costs, improves audit integrity, and reduces organizational risk.
NVAssess Features
- Policy Based Assessment – Policy driven data collection is the key to providing information relevant to corporate controls.
- Automation – Policies can be scheduled to evaluate your environment and record findings at regular intervals.
- Detailed reporting – Reports can be defined based on any attribute within the monitored system, many of which are not available in vendor-provided system logs.
- Extensibility – External processes can be called to gather additional information, filter collected evidence or call other applications and processes.
- Scheduled Execution – Audits for compliance with defined policies can be scheduled to execute and be published without human intervention.
Please contact NetVision or visit our products page to learn more about how NetVision solutions can be implemented to support improved security and simplified audit of your organization's Novell eDirectory infrastructure!

