Automated distribution of reports to security personnel via E-Mail.
Interactive user sessions
Privileged Command Processor
All registered users are defined as non-privileged users while V-Auditor executes and manages all privileged-command and analyze_system activities.
Secure Command Shells
V-Auditor features a menu-based and VOS-like secure and audited sessions for all users including developers, operators and system administrators.
Security Levels & Restrictions
A user, or group of users can easily be given different security-levels, promoted, demoted or removed from the system.
V-Auditor can automatically and dynamically change privileges based on the time of day and other predefined criteria. For example, it can block certain activities during the night shift and allow other activities during other times.
V-Auditor reports all user' session information -- time of entry, activities, and time of exit. Extensive criteria, allows selection of specific users, groups and specific timeframes. Special reports outline all privileged-user activities including analyze_system requests. Security events and attempts to gain unauthorized access are highlighted.
V-Auditor can distribute detailed reports outlining all currently-registered users with special highlighting of privileged users via e-mail, either periodically or on demand.
Protecting confidential data
Centralized database of access privileges
V-Auditor features a centralized system-wide database designed to control access to confidential databases and system directories. Thousands of objects and users are easily maintained.
V-Auditor scans the entire system at predefined schedules and automatically enforces access-right standards as set up be the security officer.
File integrity reports
V-Auditor reports any unauthorized changes made to any of the system directories or confidential files.
Making changes to a user's access profile can be done once. V-Auditor does the rest - it scans the entire system and applies the changes across the potential thousands of files or system directories.
On demand, V-Auditor scans the entire system and removes all access right previously given to a given user or group of users. This assures that no ex-employee has any access rights left behind on the system.
Using templates and scripts
V-Auditor features simple, easy to use templates and scripts that are used to rebuild the security database from scratch, or to quickly apply it to a different Stratus module.
Registration Database Management
New alternative to registration_admin
New screen-driven interface to the VOS User Registration Database offers more control over the all-or-nothing limitation of registration_admin.pm.
V-Auditor records every addition, deletion and changes made to the registration database.
All registration management functions can be automated by using scripts. Using scripts not only saves time -- scripts enhance control and reduce the risk of human error.
Enhanced security: The 2-phased approach
All changes are recorded to a temporary database (phase-I) which allows the security officer, at a later time, to apply the pending changes or discard them (phase-II).
Any change made to the registration is treated as a security event. A message is posted to the operator console, which part if its 24x7 monitoring (see below).
Process creation, termination, and priority changes.
Selected administration and configuration activities including login_admin, logout_admin, disk_maintenance activities, time/zone changes and more.
File, link, and directory creation, deletion, renaming, truncation, index-definition changes.
Miscellaneous access controls
Execute-in-kernel program invocations, file system, process, and system access violations.
Secure, encrypted sessions
V-Auditor features Secure-CRT-for-Stratus terminal emulation software. Secure-CRT provides extra security and encryption of remote access, file transfer, and data tunneling sing the open Secure Shell protocol.
Industry standards encryption
AES, Twofish, Blowfish, 3DES, RC4, and DES ciphers.
V-Auditor reports all registered users with special highlighting of privileged users. The report includes information on password expiration and terminated accounts.
The Short Session Report outlines login/logout and session duration summaries while the more detailed format, outlines all commands that were executed during the reported sessions.
Security incident report
V-Auditor reports all security incidents and unauthorized attempts to access a system object including the user-name, time of day and detailed description of the event.
File integrity report
V-Auditor provides a detailed report outlining all potentially unauthorized changes that were made to the file system (ACL/DCL).
The security officer can choose a range of dates, and specify user(es) and the type of incidents he wishes to include in the audit reports..
V-Auditor creates HTML web-enabled reports and distributes them via Email to any number of security officers for review.
V-Auditor sends alert messages to selected terminals.
V-Auditor automatically reacts to any unauthorized attempt to access one of the monitored objects based on predefined scripts. For example, V-Auditor can automatically log intruders out of the system - all hands-free.
V-Auditor posts all security related events as they occur on the central security console. These special consoles can be in the operations area or part of the security officer monitoring screens.
Email - Alert Notifications
V-Auditor sends Email notifications on security related events to selected security personnel based on the severity of the event.
V-Auditor is designed to run 24x7 without any human intervention. V-Auditor dynamically manages all aspects of system security, triggers, and detection and handling of security events.
V-Auditor can not be shut down or bypassed even by experienced programmers or system administrators. It is controlled and maintained by the security officer.