HPE Community
Operating System - HP-UX
1751693 Members
4958 Online
108781 Solutions
New Discussion юеВ

CA's E-trust Product

 
SOLVED
Go to solution
Ross Zubritski
Trusted Contributor

тАО03-03-2003 10:40 AM

тАО03-03-2003 10:40 AM

CA's E-trust Product

Have any of you guys or gals used CA's E-Trust Access control suite for UX. Management is pushing it here and I am very leary as it has kernel hooks and UX patches that must be removed b/4 installation. Any feedback would be greatly appreciated.

Regards,

RZ
0 Kudos
Reply
7 REPLIES 7
John Payne_2
Honored Contributor

тАО03-03-2003 10:51 AM

тАО03-03-2003 10:51 AM

Re: CA's E-trust Product

The Policy Compliance piece is really good for looking at file permission problems, user account issues, etc, etc, etc. I am waiting for a copy of the next version in the next couple of days so I can add user defined scripts to do things like swlist, ioscan, etc. (To see when someone has made a change to one of my machines.)

John
Spoon!!!!
0 Kudos
Reply
Pete Randall
Outstanding Contributor

тАО03-03-2003 10:51 AM

тАО03-03-2003 10:51 AM

Solution

Re: CA's E-trust Product

I'm leery of anything from CA. If it's at all possible I avoid them like the plague. The only CA software we have here is Arcserve. My network guys use it for backup and I can't convince them to let OmniBack handle their stuff.

Pete

Pete
Reply
John Payne_2
Honored Contributor

тАО03-03-2003 10:52 AM

тАО03-03-2003 10:52 AM

Re: CA's E-trust Product

Oops. Looks like the ntp problem is back...
Spoon!!!!
0 Kudos
Reply
John Payne_2
Honored Contributor

тАО03-03-2003 10:52 AM

тАО03-03-2003 10:52 AM

Re: CA's E-trust Product

We use it here. It does hook into the kernel at install time, but we use the QPK patches, and HPUX patching was not an issue.

It is very much like using sudo, but it's 'sudo on steriods', making it easier to manage things.

It has resolved some of our issues with root password in our environment, and empowers everyone to do what they need to do when they need to do it. We have deployed it to 26 of our HPUX machines and about 15-20 of our Solaris machines (So far.)

The nice thing it that it tracks what you do, and remembers who you are. For instance, no one here can 'sesu' to root, and then change the root password from there, it just won't allow it.

Also, we as engineers are defined in different groups, and if a machine suddenly needs the DBA's to have an account, one click of the mouse gives them accounts on the box. (And 1 click of the mouse removes them all, also.)

Hope it helps

John
Spoon!!!!
Reply
Ross Zubritski
Trusted Contributor

тАО03-03-2003 11:22 AM

тАО03-03-2003 11:22 AM

Re: CA's E-trust Product

John,

I always knew you were a "backwards" thinker!!

;)~~~~

Thanks for the feeback

RZ
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

тАО03-03-2003 11:26 AM

тАО03-03-2003 11:26 AM

Re: CA's E-trust Product

Hi Ross,

This was formerly known as Seos by Platinum. I used this product and I recommend it to the companies like Banks, Credit Card corporations etc., that need additional security. In these companies, you need to have an eye even on the system administrators. 'sudo' is not a good idea for them as it lacks quite a number of features that E-Trust offers.

If yours is such company, then use it.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Reply
John Payne_2
Honored Contributor

тАО03-03-2003 11:28 AM

тАО03-03-2003 11:28 AM

Re: CA's E-trust Product

If it helps, I am at a University, where we have to 'protect ourselves from ourselves...'

John

Some times it is good to think backwards. You get to the answer quicker.
Spoon!!!!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.