INTELLILINK Privileged Identity Management Solutions

Overview

In today's environment with increasing number of incidents involving unauthorized use of privileged IDs (such as administrator/root) and information leakage due to cyber attacks targeting privileged IDs, the proper management of privileged IDs has become an important issue that companies must address.
From the perspective of internal control and auditing also, it is important to manage "who" is going to use (can use, used) the "privileged IDs" that have full control.
iDoperation is a privileged ID management solution that supports the three operational items required for privileged ID management - "management," "lending," and "inspection", automates everything from the appropriate lending of privileged IDs to problem detection and realizes a safe, secure, and efficient IT operation environment.

Installation Effect

1. Security
iDoperation deters fraudulent acts by privileged users and supports countermeasures against targeted cyber attacks, which have become a major threat in recent years.
2. Governance
iDoperation supports the strengthening of controls such as internal controls and J-SOX audits, as well as compliance with guidelines such as FISC security standards and PCI DSS.
3. Cost reduction
iDoperation helps in reducing the utilization of information system department and outsource administrative tasks.

Strengths

1. Provides all functions required for privileged ID management

Privileged ID management requires three operational items: "administration", "lending", and "inspection".
iDoperation provides five basic functions in single package that meets the required audit level.

2. Audit response capabilities

iDoperation provides many audit reports, such as privileged ID usage inspection reports and account inspection reports, enabling efficient audit response.

3. Architecture that does not affect the existing environment

iDoperation can be deployed without affecting existing systems because of its agent-less architecture that does not affect the target.
There is no need to change the network of the existing environment because the client directly makes privileged access to the target.

4. Reduction of management man-hours and automation of management tasks

iDoperation reduces IT department management man-hours related to privileged ID management by automating audit response tasks such as comparing access logs and application forms, as well as periodic account management tasks, and also supports outsourcing.

5. Capable of supporting a wide variety of environments

The number of servers can be increased by scaling out according to the scale.
iDoperation also supports increasingly diverse server environments, including public clouds such as Amazon Web Services (AWS) and Microsoft Azure, as well as management of servers at overseas locations.

System Configuration

iDoperation consists of the following software.

iDoperation server Provides management screens for each function/Performs ID management and log collection
iDoperation Client Used for ID user login
iDoperation SC storage server Stores video data of screen operations
iDoperation SC recording agent Records screen operations

Middleware includes IIS as the web server and SQL Server as the database server.

Example of iDoperation system configuration for small to medium scale

*If there are many operation logs to be recorded, it is recommended to separate the configuration of iDoperation SC storage server.

Target systems where ID management is possible

OS Windows Client / Windows Server / Red Hat Enterprise Linux / Amazon Linux / CentOS / SUSE Linux / Oracle Linux / Ubuntu / IBM AIX / Oracle Solaris / HP HP-UX
Directory Services Microsoft Active Directory Domain Controller
Databases Oracle Database / SQL Server / PostgreSQL / MySQL / IBM DB2 / HiRDB
Virtual Software VMware vSphere / VMware vCenter Server Appliance / Hyper-V Server
Cloud Services AWS Management Console (IAM) / Azure AD / Salesforce / Box
Cloud Services
(Database)
Amazon RDS for SQL Server / Amazon Redshift / Amazon Aurora PostgreSQL / Amazon RDS for PostgreSQL / Amazon Aurora for MySQL / Amazon RDS for MySQL
Cloud Services
(Directory Services)
AWS Managed Microsoft AD / AWS Simple AD

*Each of them has its own prerequisites and restrictions to be an ID management target.

* These products or services are only available in Japan.

INTELLILINK Privileged Identity Management Solutions