Cloakware
Purchased by Xceedium September 2011 and now called Password Authority and part of the Xsuite platform which also includes,
- GateKeeper - granular access control containment and session monitoring.
- A2A Authority - vaults and protects the passwords needed for scripts and applications.
When reading the Xsuite Data Sheet I notice some interesting features,
- Control and Restrict Commands - looks like only on the terminal but still... also how good is it, for example piping stuff.
- Session Recording
How it Works,
- Requires a privileged account, which then is used to set the passwrod for the account being used by the user.
- Runs off of appliance
Issues,
- Cloakware's priviledged account expires,
- (may be an issue) - System asks Cloakware to change password. Cloakware, does not know what to do, though this may be a configuration issue by the implementing team.
- We have experience this problem only in Unix Solaris but theoretically it may be a problem.
- For Unix one workaround is to give exception to the Cloakware account but this breaks a bunch of other audit standards.
- The Cloakware team's support number should be easily accessible.
- (most likely also an issue) - Some systems have policies that say, if you did not log in within x time-period, too, bad you locked out, use root to reset.
- (may be an issue) - System asks Cloakware to change password. Cloakware, does not know what to do, though this may be a configuration issue by the implementing team.
- ....