Latest version: Universal Credential Manager (UCM)
i-Sprint Enterprise AdminGuard has been discontinued
AccessMatrix™ Universal Credential Manager (UCM) provides a virtual password safe deposit box with strong encryption using HSM devices to store privileged account IDs and passwords (aka credentials). UCM provides the security features to address the major audit and operational challenges faced by organizations in managing credentials and their session activities. The common challenges are:
- Manual Management of IDs and Passwords
- Lack of Privileged Session Activities Tracking and Control
- Hard-coded Privileged IDs and Passwords in batch jobs and applications
- Provide forensic trails and visual recording of privileged access to critical servers and computing resources
Interactive features include:
- Flexible access control for credentials based on reporting hierarchy
- Audit trail with command captures and video session recordings
- Strong authentication with multi-factor authentication support
- Multi-level dual control workflow approval
- Manual, single-sign-on or auto login into target resource after check-out
- Automatic password management using agent-less technologies
- Flexible APIs for integration with external workflow or ticketing software
Privileged Session Manager (PSM) Module: UCM provides add-on Windows RDP Gateway Recorder and set of network protocol Proxy Modules to monitor and record privileged sessions. It supports video and keystroke recording playback for forensic analysis. It also supports command access control for selected protocols.
Application Password Manager (APM) Module: UCM enables organizations to retrieve user IDs and passwords for specific applications during run time so that the user credential information does not need to be hard-coded in applications or command files. UCM provides two integration approaches:
- Application APIs – a set of flexible and simple APIs retrieves the current IDs and password from the UCM server
- Audit Password Consumers – Enables dynamic and transparent replacement of IDs and Passwords in command protocols such as ODBC, JDBC, ADO.NET, Windows and Unix scripts
Programmatic
UCM provides two integration approaches that enable software developers to rapidly integrate their applications with UCM:
- Application APIs – A set of flexible and simple APIs retrieves the current IDs and Passwords from the UCM server.
- Command line utility (UCMRun) – Enables dynamic replacement of IDs and Passwords in command files with no coding effort.
Features and Benefits
Flexible and Fine-Grained Administration
- Patented Hierarchy Model for Administration and Delegation
- Policy Driven Approach
- Maker / Checker, Least Privilege and Segregation of Duties among various Admin Roles
Ease of Deployment and Manageability
- Grouping of credentials for ease of administration
- Bulk import of target resource information
- Integration with existing user directories
- Auto Account Discovery
Securing Privileged Access
- Customized Approval Workflow and credential management
- Command filtering to restrict administrator activities
- Single Sign-On to target resources without revealing the password
- Strong Authentication using 2nd Factor Authentication for accessing critical target resources
Comprehensive Audit Logs and Detail Reporting
- Session logging using visual recording and text-based audit logs
- Secured Audit Log and Activity Reporting
Advanced Security Features
- FIPS Certified HSM for Key Management
- Comprehensive APIs for customization
Identity Protection
- Universal Authentication Server
- Universal Sign-On
- Universal Access Management
- Universal Credential Manager
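Credential Management and Versatile Authentication Solutions
Our solutions feature a patented hierarchy-based security administration and delegation architecture that effectively addresses the credential management and authentication challenges posed by large user communities within a single organization or across multiple organizations.
Future-proof authentication tools provide configurable access control, authentication and audit policies to meet some of the most stringent security regulatory requirements for users, applications and endpoint devices. Our solutions are designed to strengthen the IAM suites of major vendors, providing end-to-end solutions that meet customers' security requirements. Our customers include global and regional financial institutions, multinational companies and government agencies.
AccessMatrix UAS (Universal Authentication Server) is a versatile authentication solution that lets organizations deploy a variety of authentication methods through a unified framework. Organizations can use authentication workflows to chain one or more authentication methods together to meet strong authentication and authorization requirements.
AccessMatrix UAS uses Pluggable Authentication Modules (PAM) to support multiple authentication methods, so new authentication methods can easily be added to accommodate new authentication mechanisms.
UAS has a built-in RADIUS server, so all network devices and applications that support the RADIUS protocol can use UAS as an authentication source. For application integration, UAS provides a comprehensive SDK built on web services, Java and APIs, which lets organizations make full use of UAS functionality to strengthen the authentication process.
AccessMatrix USO (Universal Sign-On) gives organizations a non-intrusive way to single sign-on to multiple web and desktop applications without changing source code. This server-based, zero-desktop-administration approach can be deployed on intranets and extranets and minimizes ongoing desktop software maintenance. As a result, rapid deployment shortens the payback period and improves return on investment.
AccessMatrix USO combines automated sign-on and sign-off with background management and fast switching on users' workstations, to improve access to business information and reduce operational errors. Support for strong authentication devices, together with automatic sign-off based on idle-timeout security policies and tracking of application access, reduces the risk of unauthorized access to confidential information.
AccessMatrix USO can integrate with any provisioning system that uses user-provisioning APIs, providing an end-to-end identity management solution.
AccessMatrix UAM (Universal Access Management) is a reliable enterprise-grade integrated platform for application access control, single sign-on and security administration. It provides a unique and effective way to manage user access to applications across the enterprise.
It controls and manages users' rights to access enterprise applications by defining users and their privileges within UAM.
AccessMatrix UCM (Universal Credential Manager) provides a virtual password safe with strong encryption using HSM devices. UCM provides both interactive access and programmatic access through applications or batch files.
- Interactive access provides a secure way for security administrators to manage credentials and deposit them into the UCM solution. Authorized users can check out and check in privileged credentials to perform their duties or in emergency situations.
- Programmatic access provides a proven, reliable method to avoid hard-coding privileged IDs and passwords in applications and batch-processing scripts. With the UCM module, all credential information can be retrieved at run time. Based on security policy, UCM can also be configured to perform automatic password updates on target platforms.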
Cloud Protection
- Universal Authentication Server
Mobile Protection
- Universal Authentication Server
- YESsafe MASS
- YESsafe Mobile Token
- YESsafe Mobile ID
- YESsafe PIM
Data Protection
- DB Guard
- UCM Server / UCM Gateway: MS Server 2008 / 2012 R2
- Java Runtime: JRE 1.7 and above
- Application Server: Oracle WebLogic, IBM WebSphere and Apache Tomcat
- Database for Policy Store: MS SQL Server, Oracle RDBMS, IBM DB2 and Oracle MySQL
- External User Store: Active Directory, LDAP v3 compliant directories and JDBC compatible databases
- Supported Target Resources: JDBC database servers, UNIX Servers, Windows Servers, Active Directory, AS400, IBM RACF Mainframe, Cisco / Array, Cisco ACS, Scriptable SSH / Telnet-based network devices, e.g. TopSec, Juniper, Huawei, H3C and RuiJie
- Supported clients for UCM Gateway: database clients, VNC, RDP, web-based consoles, PuTTY, Tera Term, SecureCRT and CuteFTP