Windows Servers in Today’s Security Management Environment
Servers are essential components of IT infrastructures as they support critical applications and sensitive corporate, customer and partner data. These servers must be continuously protected from a variety of threats, both external and internal. To date, many organizations have taken steps to protect their servers from external threats by deploying firewalls, antivirus or antispyware solutions. However, a commonly overlooked threat is the threat from within an organization. This vulnerability presents itself in the form of over-privileged administrators and weak levels of accountability.
Providing adequate internal controls to protect these host systems is critical to risk mitigation as well as meeting regulatory compliance. This is often a complicated issue considering the number of different kinds of administrators that are involved in keeping servers up and running on a daily basis. Technically, many of these workers have access to more resources than they require to perform their job function. Unfortunately, native Windows operating systems lack the ability to appropriately segregate administrative duties or trace audit records back to the original user. This issue is further complicated when a variety of servers are involved, such as UNIX, Linux or virtualized operating systems, and consistent security policies must be managed across them.
Enterprise-wide host access management solutions are important investments to protect critical data, fulfill compliance needs and enable cost-effective administration.
Fine-Grained Access Control
In an Active Directory forest system, the domain administrator is the equivalent of a superuser. While their primary role is as owner of IT infrastructure setup and management, they also have unlimited power to create, modify, copy or disable any security resources and services within the forest, sub-domains and systems. Unfortunately, this account may not be well protected by default and login information is often informally shared amongst employees in various administrative roles. This creates a security management nightmare when it comes to separation of duties and maintaining full accountability.
CA Access Control is an independent security enforcement solution which does not rely on the Windows OS or Group Policy. Operation at the system level enables monitoring and regulation of any access to system resources, including those originating from domain or local system administrators. CA Access Control provides fine-grained access enforcement capabilities to regulate, delegate and contain domain administrators or any other account within the forest, domain and servers. These access rights are granted by defined roles and enforced separately from native Windows access controls.
Role-Based Access Control
A major Windows security risk is the potential for an unauthorized person to gain control of a user account in the local or domain administrators groups. Should this happen, the unauthorized user can cause enormous damage by changing critical registry keys, stopping auditing services, modifying audit logs or tampering with other critical services. CA Access Control reduces Windows vulnerability risks by limiting the rights granted to administrator accounts and groups to the minimum permissions needed for each to perform their job function.
Dynamic Control
Group Policy is based on the definition of an access permission hierarchy. Permission changes are propagated to subsequent files and folders based on an inheritance mechanism. This static permission system updates all file permissions at the time the command is issued, meaning propagation of changes can take a long time, especially in a large server environment. CA Access Control employs a dynamic permission system that determines access permissions at request execution time. This provides real-time protection while simplifying policy deployment and allowing more flexible rules to be implemented.
Granular Delegation
Through the Windows superuser account, any permission can be delegated to any user, regardless of whether it is an IT or security function. CA Access Control regulates privileges that can be delegated to non-administrative users. In this manner, necessary access can be delegated to perform IT or application administration tasks while CA Access Control scopes security privileges for security-related staff.
CA Access Control also controls surrogate user delegation capabilities to reduce the exposure that Windows provides through programs like Run-As. For example, an administrator could use Run-As to surrogate to another person’s profile to change a file’s access control list (ACL) attributes without any accountability for their actions. CA Access Control protects on multiple levels by first limiting those who use Run-As and subsequently tracking back to the true identity of those who do.