Simpler Navigation for Servers and Operating Systems - Please Update Your Bookmarks
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
If you have bookmarked forums or discussion boards in Servers and Operating Systems, we suggest you check and update them as needed.
cancel
Showing results for 
Search instead for 
Did you mean: 

CA's E-trust Product

SOLVED
Go to solution
Ross Zubritski
Trusted Contributor

CA's E-trust Product

Have any of you guys or gals used CA's E-Trust Access control suite for UX. Management is pushing it here and I am very leary as it has kernel hooks and UX patches that must be removed b/4 installation. Any feedback would be greatly appreciated.

Regards,

RZ
7 REPLIES
John Payne_2
Honored Contributor

Re: CA's E-trust Product

The Policy Compliance piece is really good for looking at file permission problems, user account issues, etc, etc, etc. I am waiting for a copy of the next version in the next couple of days so I can add user defined scripts to do things like swlist, ioscan, etc. (To see when someone has made a change to one of my machines.)

John
Spoon!!!!
Pete Randall
Outstanding Contributor
Solution

Re: CA's E-trust Product

I'm leery of anything from CA. If it's at all possible I avoid them like the plague. The only CA software we have here is Arcserve. My network guys use it for backup and I can't convince them to let OmniBack handle their stuff.

Pete

Pete
John Payne_2
Honored Contributor

Re: CA's E-trust Product

Oops. Looks like the ntp problem is back...
Spoon!!!!
John Payne_2
Honored Contributor

Re: CA's E-trust Product

We use it here. It does hook into the kernel at install time, but we use the QPK patches, and HPUX patching was not an issue.

It is very much like using sudo, but it's 'sudo on steriods', making it easier to manage things.

It has resolved some of our issues with root password in our environment, and empowers everyone to do what they need to do when they need to do it. We have deployed it to 26 of our HPUX machines and about 15-20 of our Solaris machines (So far.)

The nice thing it that it tracks what you do, and remembers who you are. For instance, no one here can 'sesu' to root, and then change the root password from there, it just won't allow it.

Also, we as engineers are defined in different groups, and if a machine suddenly needs the DBA's to have an account, one click of the mouse gives them accounts on the box. (And 1 click of the mouse removes them all, also.)

Hope it helps

John
Spoon!!!!
Ross Zubritski
Trusted Contributor

Re: CA's E-trust Product

John,

I always knew you were a "backwards" thinker!!

;)~~~~

Thanks for the feeback

RZ
Sridhar Bhaskarla
Honored Contributor

Re: CA's E-trust Product

Hi Ross,

This was formerly known as Seos by Platinum. I used this product and I recommend it to the companies like Banks, Credit Card corporations etc., that need additional security. In these companies, you need to have an eye even on the system administrators. 'sudo' is not a good idea for them as it lacks quite a number of features that E-Trust offers.

If yours is such company, then use it.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
John Payne_2
Honored Contributor

Re: CA's E-trust Product

If it helps, I am at a University, where we have to 'protect ourselves from ourselves...'

John

Some times it is good to think backwards. You get to the answer quicker.
Spoon!!!!