Audit user activities while increasing productivity

Secure Your Operations (article)
Access Control Manager
Activity Report
User Testimonial (AOL)

Introduction

SPS- Security Diagram

Example of a Menu-ed structure

	Eliminates the need to register privileged users
	Allows non-privileged users to execute selected subsets of analyze_system requests and other privileged commands
	Incorporates the Security Layer shielding the system from unauthorized use
	Produces a comprehensive audit trail log of all commands executed on the system; records the time and user's identity
	Keeps track of operator's activity and allows the user to restore and reuse commands and path names used previously during the session
	Features a standard DES-based file encryption facility
	Provides process listings (list_users) sorted by CPU utilization, I/O rate, Page faults memory usage and Interrupt rates
	Supports user-programmable function keys for frequently used commands

SPS and System Security

Reduce the risk of human error
Restrict Privileged users
Control user access rights to sensitive data

SPS products utilize a robust security layer designed to satisfy the most stringent security and audit requirements. It allows any level of customization, including per-user, per-command profiles, single-point data access control (ACLs)and data encryption. SPS' advanced multi-level, object oriented solution of security requirements provides more granularity and greatly improves upon the single level, all or nothing, approach to security provided with the VOS operating system.

	Authorizes command execution based on user's security profile
	Allows access of non-privileged users to selected privileged commands and to subsets of analyze_system requests thereby eliminating the need for privileged users registration
	Ensures execution of commands from the correct, designated terminals
	Ensures that commands are executed within the allowed timeframes
	Blocks access to restricted modules, systems and devices (production)
	Handles security violations; posts warning messages in the system error log and terminates the violator's session
	Manages, monitors and enforces directory and file access (ACL/DCL), employing a simple to operate, system-wide configuration
	Generates complete activity and security violations logs and reports date, time, user's identity, command executed and relevant violation information

Allow personnel with no Stratus training to work safely in the Production environment.
Can you afford keeping your old macros?

The SPS/Menu system organizes applications into concise, professional and user friendly interfaces. Creating menus is a simple procedure; it takes minutes to complete thereby saving time and money and helping meet development deadlines. SPS/Menu requires no FMS work and no programming and therefore does not require any Stratus expertise.

The system greatly enhances system security by adjusting and generating menus on a per-user basis according to the individual's security profile.

The SPS/Menu System provides complete audit trail logs of all system and operator activities including security violation attempts detailing commands executed, user names and the time of execution.

	Automatically generates box-type menus with unlimited chains of sub-menus
	Requires no programming or technical skills
	Integrates existing applications into professional looking, uniform and consistent interfaces
	Supports single-key transfers between applications
	Features the Security Layer and offers additional facilities such as: Browser, Calendar and Disk Space
	Supports user programmable function keys for frequently used commands
	Produces a comprehensive audit log of all commands executed, users' identity, date and time of each event
	Features the IDG layer (Intelligent Document Generator) that translates menu configurations into full-length documents
	Provides a configurable on-line help facility linking menu items to existing documentation files
	Reduces dramatically risk of human error, cost of documentation and training expenses

SPS Menus vs. Command Macros

Frequently asked questions

1. Can I enforce menu-driven access only on certain operators or users?

   Yes. All you need to do is add a call to SPS from the user's start_up.cm command macro and follow the call with a "logout". You can start SPS with the "no-break" option to prevent unauthorized access outside SPS.

2. My application has a built-in menu. Can I still use the SPS menuing solution? What would be the advantage?

   Your existing application commands and menus can be accessed from SPS without having to change anything. In addition, SPS will provide your users with a consistent, user-friendly and secure interface to other functions that you will add. Such additions can include sub-menus for "Troubleshooting", "Backups/Restores", "System Administration" and more.

3. We already provide our operators with menus. Our menus are driven by a set of home-grown command macros. This approach seems to work for us, how would we benefit from SPS?

   There is a lot of added value in using the SPS solution compared with command macros. With minor effort (yes, we can help!) you can convert your macros into easy-to-maintain tables. SPS menus are all table driven, easy to maintain and generated dynamically ("on the fly") based on user's security profile. In addition, SPS has many other features and tools such as a powerful fileBrowser, programmable function keys and more. In comparison, command macros are fixed for all users, require development and testing time, and lack many other features such as detailed audit trail reporting, on-line help and documentation.

4. Can I protect the SPS audit trail reports? How can I monitor what the System Administrator is doing?

   Yes, you can block all access to SPS reports, even your most experienced SysAdmin will not be able to alter it in any way.