Solutions: Xceedium GateKeeper Technology
Solutions
- Market Overview
- Manage Outsourcing Risk
- Compliance Solutions
(PCI, HIPAA, SOX, etc.) - – PCI Resource Center
- – Who Must Be
PCI Compliant? - – PCI Challenges
for IT Operations - – Xceedium
GateKeeper
Technology - – Xceedium
GateKeeper for PCI - – PCI Case Studies
- – PCI White Papers
- Vendor Access Control
- Secure Remote Administration
- Enhanced Security for Citrix™
Xceedium GateKeeper Technology
 |
|
The GateKeeper's unique technology delivers the most powerful compliance solution on the market for privileged and external users that includes: centralization of access, compartmentalization, containment, comprehensive tracking, monitoring and alerting, as well as automated reporting.
Xceedium GateKeeper Technology Summary
| Function | Benefit | Value Proposition |
| Control access to systems and applications from any location |
|
system level |
| Provide robust event logging |
to support investigationsactivities |
and monitoring activities |
| Produce standard and custom reports | Automate the testing of controls with reports directed to roles, functional area, dashboards, forensics, scorecards, etc. |
• Expand capabilities of existing access control andmonitoring solutions
• Layer on top of and add value to: CITRIX SIM SIEM
|
Centralization of Heterogeneous Infrastructure
- IT operations platform that allows these users to easily do their jobs
- Security policy creation and enforcement
- Tracking of all user events and activities for all devices and systems, including keystroke logging and session recording
Compartmentalization Access Method – Reverse Port Tunneling
- Reverse Port Tunneling access methodology provides compartmentalization to the port level
- Lack of visibility to unauthorized areas of the infrastructure
- Application Isolation
- No footprint on the network
Using a Reverse Port Tunneling access methodology, the Xceedium GateKeeper enables granular compartmentalization for each user at the device, system, port and application level, as well as centralized SSL encryption for all access methods. The Xceedium GateKeeper provides dual layer encryption, which is a simple and unobtrusive way to phase out client-side access to legacy systems (i.e. legacy POS systems.) It can also provide clear text protocol conversion if required by the customer (i.e. SSH-to-Telnet.)
Containment – LeapFrog Prevention™ Technology
- LeapFrog Prevention Technology
- Lockdown containment to authorized areas
- Appliances
- Servers-windows, Unix, Linux, Citrix
- Flexible white list and black list
- Real-Time Alerting
- Remediation
Xceedium's patent-pending LeapFrog Prevention technology detects and prevents violations of the access security policy with a violations model that includes the ability to define commands and key words that are prohibited from use (with a white list or black list). If a particular action is a violation, Xceedium GateKeeper prevents it from being completed and issues real-time alerts. Additionally, LeapFrog Prevention socket filter technology enables the Xceedium GateKeeper to monitor and enforce policy at the socket layer, as well as prevent and track all user violations. When a user attempts to open a socket to another device or server on the network using interactive protocols or commands, GateKeeper blocks use of the protocol to prevent "leap-frogging" to other unauthorized devices. LeapFrog Prevention technology is available for Windows, Linux, Solaris, AIX and all network devices/appliances.
Monitoring and Alerting
- Connections are monitored and reported in real-time
- Proof of containment
- Email notification
- Real-time alerting of violation attempt
- Silent Alerts Available
Tracking and Logging
- End-to-end view of all activity, in one central place, at the source IP address level
- User activity is tracked and logged, including the date and time the user logged into a specific device and the access method. Additionally, the duration of the session is audited and tracked for future review and to validate compliance
- Detailed audit capabilities that deliver not only keystroke logging but session recording
Reporting
- Standardized report templates allow auditors and regulators quick access to familiar reports and evidence
Xceedium provides easy-to-produce reports that assist companies in validating that they have met PCI compliance requirements. These centralized reports deliver information on individuals, groups, devices, protocols, violations, etc. and are combined with flexible filtering to make it possible to easily produce the comprehensive audit reports needed to satisfy PCI compliance requirements.
