Application Resources
HOME | DOWNLOAD | SITEMAP | CONTACT US
home
Company Profile
serviceweoffer
our clients
our partners
contact us
Knowledge base
 
VOS Auditor (VA)
 
The complete security and auditing solution for Stratus/VOS meeting the latest PCI requirements.
 
VOS-Auditor in a nutshell
A three-layered solution
1
Configuration - definitions of all regulated data files, monitored objects, files, directories and user's access profiles.
1
24x7 Monitoring - real time monitoring of configured objects, with automated responses, blocks and dynamic alarms.
1
Reporting - periodic or on-demand security and auditing reports of all security-related events.
Interactive Sessions and user activities
1
V-Auditor allows security officers to match any user to a set of allowed activities and unique access privileges.
1
V-Auditor eliminates the constant guess-work and effort of keeping user's privileges manageable.
1
V-Auditor manages developers and system-administrators without affecting their day-to-day activities.
1
V-Auditor guarantees secure environments for much less resources.
Access to sensitive data files and directories
1
V-Auditor maintains access rights in a single, centralized configuration for the entire system.
1
V-Auditor scans system objects, automatically enforces standard configuration and reports unauthorized changes.
1
V-Auditor allows security officers to easily promote, denote or remove all user's privileges from the system.
1
V-Auditor eliminates the risk of unauthorized access to sensitive confidential corporate data.
Managing the risk of Privileged Commands & VOS' Analyze-System interface
1
V-Auditor's Privileged Command Center allow only limited access to selected Privileged commands and analyze_system requests on a per-user basis.
1
V-Auditor allows security officers to define all personnel as non-privileged users without affecting their day-to-day activities.
1
V-Auditor provides per-command, per-user controls as opposed to the all-or-nothing limitation of the operating system.
1
V-Auditor maintains a complete audit-trail of all privileged commands and analyze_system requests.
Reports and Distribution
1 User Registration Report.Sample
1 User Sessions, and Command Execution Report.Sample
1 Consolidated Security Incident Report.Sample
1 File Integrity Report.
1 Automated distribution of reports to security personnel via E-Mail.Learn more.

Interactive user sessions
Privileged Command Processor
All registered users are defined as non-privileged users while V-Auditor executes and manages all privileged-command and analyze_system activities. Such powerful commands may also be protected by special passwords.
Secure Command Shells
V-Auditor features a Menu-ed and VOS-like secure and audited sessions for all users including developers, operators and system administrators.
Security Levels & Restrictions
A user, or group of users can be easily given different security-levels, promoted, denoted or removed from the system.
Time-based restrictions
V-Auditor can automatically and dynamically change privileges based on the time of day based on predefined criteria. For example, it can block certain activities during the night shift and allow other activities during other times.
Audit Trails
V-Auditor reports all user's session information - time of entry, activities and time of exit. Extensive criteria, allows selection of specific users, groups and specific timeframes. Special reports outline all Privileged activities including analyze_system requests. Security events and attempts to gain unauthorized access are highlighted.
Registration Database
V-Auditor can distribute via Email, periodically or on demand, detailed reports outlining all currently-registered users with special highlighting of Privileged users.

Protecting confidential data
Centralized database of access privileges
V-Auditor features a centralized system-wide database designed to control access to confidential databases and system directories. Thousands of objects and users are easily maintained.
Enforcement
V-Auditor scans the entire system at predefined schedules and automatically enforces access-right standards as set up be the security officer.
File integrity reports
V-Auditor reports any unauthorized changes made to any of the system directories or confidential files.
Making changes
Making changes to a user's access profile is done once. V-Auditor does the rest - it scans the entire system and applies the changes across the potential thousands of files or system directories.
Removing users
On demand, V-Auditor scans the entire system and removes all access right previously given to a given user or group of users. This assures that no ex-employee will have any access rights left behind on the system.
Using Templates and Scripts
V-Auditor features simple, easy to use Templates and Scripts that are used to rebuild the security database from scratch or to quickly apply it to a different Stratus module.

Registration Database Management
New alternative to registration_admin
New screen-driven interface to VOS User Registration Database offers more control over the all-or-none limitation of registration_admin.pm.
Managing Registration
V-Auditor makes use of new intuitive commands:
add_registered_user, delete_registered_user, update_registered_user, list_registered_users, pending_changes, apply_registration_changes, discard_registration_changes.
Audit
V-Auditor records every addition, deletion and changes made to the Registration database.
Using Scripts
All Registration management functions may be automated by using scripts. Using scripts not only saves time - scripts enhance control and reduce the risk of human error.
Enhanced security:
The 2-phased approach
All changes are recorded to a temporary database (phase-I) which allows the security officer, at a later time, to apply the pending changes or discard them (phase-II).
Alarms
V-Auditor treats any change made to the Registration Database as a security event and will post a message to the Operator's console and will be part of its 24x7 monitoring (see below).

System Events
Processes Process creation, termination, priority changes.
System Administration
Selected administration and configuration activities including login_admin, logout_admin, disk_maintenance activities, time/zone changes and more.
File system
File, link, and directory creation, deletion, renaming, truncation, index-definition changes.
Miscellaneous access controls
Execute-in-kernel program invocations, file system, process, and system access violations.

Secure, encrypted sessions
SSH1/SSH2 protection
V-Auditor features Secure-CRT-for-Stratus terminal emulation software. Secure-CRT provides extra security and encryption of remote access, file transfer, and data tunneling by using the open Secure Shell protocol.
Industry standards encryption AES, Twofish, Blowfish, 3DES, RC4, and DES ciphers.

Reports
Registration Report
V-Auditor reports all registered users with special highlighting of Privileged users. The report includes information on password expiration and terminated accounts.
Interactive Sessions
The Short Session Report outlines login/logout and session duration summaries while the more detailed format, outlines all commands that were executed during the reported sessions.
Security Incident Report
V-Auditor reports all security incidents and unauthorized attempts to access a system object including the user-name, time of day and detailed description of the event.
File Integrity report
V-Auditor provides a detailed report outlining all potentially unauthorized changes that were made to the file system (ACL/DCL).
Criteria
The security officer may choose a range of dates, specify user(es) and the type of incidents he wishes to include in his audit reports..
Report distribution
V-Auditor creates HTML web-enabled reports and distributes them via Email to any number of security officers for review.

24x7 Monitoring
Real-time alerting V-Auditor sends alert messages to selected terminals.
Automated responses
V-Auditor automatically reacts to any unauthorized attempt to access one of the monitored objects based on predefined scripts. For example, V-Auditor can automatically log intruders out of the system - all hands-free.
Security Consoles
V-Auditor posts all security related events as they occur on the central security console. These special consoles can be in the operations area or part of the security officer monitoring screens.
Email - Alert Notifications
V-Auditor sends Email notifications on security related events to selected security personnel based on the severity of the event.
Hands-off operations
V-Auditor is designed to run 24x7 without any human intervention. V-Auditor dynamically manages all aspects of system security, triggers, detection and handling of security events.
Fail-safe operation
V-Auditor can not be shut down or bypassed even by experienced programmers or system administrators. It is controlled and maintained by the security officer.
Copyright (c) 2007 Application Resources, Inc.