e-DMZ Security - Privileged Access Control Solutions
About e-DMZ Security Privileged Password Management Application Password Management Vendor Access Control Internal Access Control

Password Auto Repository— - Application Password Management

The management and control of hard-coded script/application passwords is a demanding security and compliance concern for today’s enterprise. Typically these application passwords are rarely if ever changed and known to anyone with application/source access creating the potential for “back-door” access through these application/script accounts.

Our award winning Password Auto Repository (PAR) was the first product dedicated to the secure and compliant management and control of all application-to-application (A2A), application-to-host (A2H) and shared/privileged accounts. Winner of SC Magazines Readers Trust Award as BEST Password Management and Identity Management solution, PAR is the choice of companies of all sizes from SME to the world’s largest enterprises including 4 of the top 7 Forbes ranked Banks! Delivered as a purpose built hardened appliance with no agent software or 3rd party software/hardware needed to deploy — PAR can be installed and running within one day delivering an immediate ROI.

TYPICAL A2A WORKFLOW

PAR CLI/API allows the same user and administrative functions to be executed programmatically based on the “role” of the configured CLI/API user. Both the CLI and API communicate to PAR via SSH, with DSS authentication. API is currently available to support: C, C++, Java, .NET and PERL with additional language support coming.

CLI example:

ssh -i CliAdmin.181.txt CliAdmin@192.168.0.161 Retrieve alin10a,root,8,This is a test


API example code C++

void retrieve(ApiClient& client) { // Get the password for testsys/testacct. RetrieveCommand rc("testsys", "testacct", 30, "This is my comment"); // Execute the operation on PAR. client.sendCommand(rc); Result* result = rc.getResult(); if (result->getReturnCode() == 0) { cout << "retrieve: The password is " << rc.getPassword() << endl; } else { cout << "Failed retrieving password: " << result->getMessage() << endl; } }


Additional PAR Features:

Password Management

  • Auto, dual (or more) release controls
  • Time based access controls
  • Time based change controls
  • Last use based change controls
  • Manual/force change controls
  • Password test & synchronization
  • Secure (AES 256) storage

Audit & Reporting

  • All activities fully audited
  • Syslog & SNMP traps
  • All audit information exportable
    (schedule or on demand)
  • Robust native reports
    with email scheduling

Enterprise Integration

  • Full Active Directory Integration
  • Universal Ticket System Integration

Purpose Built Secure Appliance

  • No additional 3rd Party HW or SW required
  • Full hard-drive disk encryption
  • Built in hardware firewall
  • Hardened OS
  • No console access

Session Management (Optional)

  • Administrative session proxy
  • Connection authorization controls
  • Configurable auto-login for no password exposure
  • Full recording and logging of sessions
  • VCR-like playback
  • File transfer supported through proxy

Business Continuity & Disaster Recovery

  • Auto-synchronize & fail-over high availability
  • Supports one or more HA devices
  • Auto secure, scheduled backups
  • Next day appliance replacement service

top