|
|
 | ||
| ||
|
|
|
News < Back Sarbanes Oxley : Technology : Policy Management Prevent Technical Users from Leap-Frogging to Unauthorized Areas Patent-Pending LeapFrog PreventionTM Technology Bolsters Industry-Leading Solution That Enforces Security Policy and Validates Compliance for Technical Users
“The highly-skilled nature of technical employees’ job requirements and the command line tools they use can make it very difficult to track and contain unauthorized activity on the network,” said Scott Crawford, a senior analyst with Enterprise Management Associates. “The LeapFrog Prevention technology featured in the Xceedium GateKeeper solution enables organizations to contain users to authorized areas on the server, and its reporting capabilities are well-aligned with requirements for enforcing security policies and ensuring regulatory compliance.” Xceedium GateKeeper 4.0 provides first-to-market technology that allows companies to protect critical infrastructure by restricting technical users to authorized areas only. Its patent-pending LeapFrog Prevention technology monitors and enforces policy at the socket layer and tracks all activities for these users. When a user attempts to open a socket to another device or server on the network using interactive protocols or commands, GateKeeper blocks use of the protocol to prevent “leap-frogging” to other unauthorized devices. GateKeeper also generates comprehensive, ad hoc activity alerts, enabling industry requirements and regulations to be met. LeapFrog Prevention technology is available for Windows, Linux, Solaris and AIX. “According to a recent CERT study, 86 percent of all internal attacks come from current or previous technical employees,” said Cheryl Traverse, president and CEO at Xceedium. “With the increase of outsourcing, along with compliance requirements, the need to implement and validate controls for this highly skilled user group is driving our success. The Xceedium GateKeeper platform is a powerful solution embraced by some of the most secure IT environments in the world in both government and commercial areas.” Many experts believe they must accept security risks in exchange for operational efficiency. Today’s controls are typically dispersed, decentralized and inadequate. Xceedium GateKeeper 4.0 delivers new features and capabilities that provide security controls, compliance validation and increased operations capabilities. New Features and Capabilities of Xceedium GateKeeper 4.0: • LeapFrog Prevention technology: Blocks use of protocols when a user attempts to open a socket to another device or server on the network, to prevent circumvention of authorized access policies. • Command Line Keystroke Logging and Session Recording: Tracks all activity in the data center and remote locations as a single, centralized source for comprehensive reporting, enabling compliance with S-OX, PCI, HIPAA, FISMA, GLBA and other regulations. • Real-Time Violation Alerts and Remediation: All activities of technical users are extensively monitored and logged. Administrators are alerted to any violation attempts in real-time, and repeated violation attempts can be met with automatic session shut-down and/or suspension of the user’s account. • Easy-to-Produce Reporting: Automates the process of auditing and regulatory compliance reporting. Concise-yet-comprehensive reports are generated that meet industry requirements and regulations. • Certifications: Xceedium GateKeeper 4.0 has received Common Criteria EAL-2, Common Criteria EAL-3, FIPS 140-2, Level 2 and JITC PKI/CAC certifications. For more information about GateKeeper 4.0 The Xceedium GateKeeper™ is a hardened appliance that enforces security policy and validates compliance for technical users working within critical infrastructure at Fortune 200 and large US government agencies. Technical innovations include: compartmentalization, containment through patent-pending LeapFrog Prevention™, comprehensive tracking and easy-to-produce reporting for C-level executives, infrastructure managers and auditors. Target markets cover government, financial services, retail and managed service industries. The product integrates with existing enterprise systems such as Citrix, Active Directory, PKI/CAC etc. and supports PCI, Sarbanes-Oxley, HIPAA and is Citrix Ready Certified. Xceedium GateKeeper has achieved Common Criteria EAL3, FIPS 140-2, Level 2 and JITC PKI/CAC certifications. Xceedium is headquartered in Jersey City, N.J. For more information, visit www.xceedium.com. 
|
|
|
||||||||||||
 | |||
| |||
| |||
|
© 2019 Simplex Knowledge Company. All Rights Reserved. | TERMS OF USE | PRIVACY POLICY |
