Pluggable authentication module (PAM) support in UNIX and Linux operating systems have met, or not met, common standards over the last twenty five years. Vendor-specific wrinkles in meeting PAM specifications have needed coding and operational adjustments. Core Privileged Access Manager (BoKS) hides the platform-specific behavior and operational constraints from centralized security staff for improved efficiency and consistency.
Core Privileged Access Manager (BoKS) support takes care of the underlying specifics of how security policy changes are technically achieved on each supported platform, or served by live updates from its distributed security database. It also handles interactive security policy exchange in real time, handling online authentication and authorization for each active session.
Core Privileged Access Manager (BoKS) does not require reconfiguration of OS pam.conf files on every protected OS instance. Instead, Core Privileged Access Manager (BoKS) loads a single PAM module and handles authenticator challenge cascading under central control.
How We Help You Gain Control
Single PAM Module Installation
Single PAM module installation in Linux/UNIX takes over authentication/authorization
Non OS Kernel Intrusive Implementation
Non OS Kernel Intrusive implementation, crucial and invisible for ongoing OS vendor patching updates within a major release.
Auto-configuration of which authenticator used by central configuration.
Automatic & Configurable Cascading
Automatic and configurable cascading of authentication methods by central policy, not pam.conf file maintenance
Auto-update of system files for:
- Local OS security configuration, in platform appropriate format and locations
- SSH key distribution and renewals
- SSH key storage in Solaris specific file format for that platform
What This Means to You
Quickly Meet Compliance
Quickly meet access/authorization regulations as described in SOX, HIPAA, GLBA, PCI DSS, FDCC and FISMA.
Reduce Admin Overhead
Removes pam.conf module load cascade diagnosis in each and every protected OS and server. Saving up to 95% of ongoing administration in this area.
Admin consistency removes platform-specific implementation details from the hands of your technical staff, and the need to script or “recipe” with configuration management tools.