Uplogix local management enhances enterprise security by extending role based administrative access policies to network devices and by providing detailed auditing and reporting in support of attaining and demonstrating regulatory compliance. All of these capabilities are maintained even in the event of a network outage.
IT Policy Enforcement
"Not all security threats are outside the firewall. How do I enforce policies within my network?"
With business success increasingly dependent on network availability and performance, it is absolutely necessary to protect the underlying network and IT infrastructure from security threats. Traditional management protocols used today, such as SNMP and Telnet, fall short in securely managing remote networks, and require that the network is available to work.
Uplogix ensures that only the right users have the right access to devices and systems by providing very granular and customizable administrative access. Our Local Managers provide a secure management platform that meets the industry’s most stringent security, encryption and AAA requirements, ensuring that security and management policies are always enforced, even during a network outage.
Key IT Policy Enforcement Capabilities
Maintain and enforce AAA (Authentication, Authorization and Accounting), regardless of the state of the network. Under normal circumstances, Uplogix Local Managers integrate with remote authentication mechanisms, such as TACACS and Radius, but if connectivity is lost, the LM can failover to other AAA servers before falling back on cached authentication data to maintain authorized access.
Use multifactor authentication through integration with RSA SecureID and Secure Computing Safeword
Prevent unauthorized user access by automatically closing idle sessions, eliminating a potential security gap. Uplogix also ensures that the right users have the right access by enforcing granular, role-based permissions
Enable audit and compliance reporting by constantly logging all changes made to managed devices and the results of these changes
Eliminate modem security issues with CallHome™ connectivity. Uplogix appliances always “dial-out,” never allowing in-bound dial-up requests, to restore connectivity when the primary network connection goes down, closing common security holes.
Improve overall security by restricting access to specific IP addresses and encrypting passwords stored in the database, and by automating management functions related to security enforcement, like updating the access passwords on hundreds of managed devices at once.
Audit & Compliance Reporting
"Full compliance means I need to know everything that is happening on my network at all times."
Enterprises need complete reporting data to pass today’s stringent compliance audits. Often companies are penalized as a result of incomplete information, especially when outages have occurred. During these most vulnerable moments for a network, reporting data on who has accessed devices and what was done to those devices often goes unrecorded.
Leveraging the Uplogix Local manager’s dedicated serial connection with managed devices and servers, Uplogix Local Management Software logs all changes made by users and the results of these changes. This information is saved locally and then transmitted to a central location for analysis and long-term storage. Logging, recording and reporting are unaffected by the state of the network—Uplogix continues to satisfy compliance requirements even during downtime.
Key Audit & Compliance Reporting Capabilities
Enable policy compliance by monitoring, measuring and reporting on all changes made to the managed IT infrastructure to satisfy internal and regulatory security standards.
Capture, log and archive every keystroke and output, unlike network-based tools that fail to capture changes during a network outage.
Satisfy numerous compliance standards by providing in-depth reporting of changes made to the IT infrastructure, such as:
- Sarbanes-Oxley (SOX)
- Payment Card Industry Data Security Standards (PCIDSS)
- Health Insurance Portability and Accountability Act of 1996 (HIPAA)
- Energy Policy Act of 2005 (NERC/FERC)
- Federal Information Security Management Act of 2002 (FISMA)
- Gramm-Leach-Bliley Act (GLBA)
Reduce the time and effort required to prove compliance via intelligent automation. Uplogix not only audits all changes made to the managed infrastructure, but also inspects audit logs in real-time for problems and can proactively take rules-based automated corrective actions based on log patterns
Allows for flexibility with customizable rules, policies, and reports to meet business- or industry-specific compliance requirements