Privilege Manager for Sudo provides powerful capabilities:
Centralized management of sudo across any number of Unix/Linux servers
Centralized reporting on sudo policy, activities, and history
Event and keystroke logging
Offline policy evaluation and log synchronization
Policy revision management with change tracking and reporting, and policy roll-back
Extend Sudo 1.8.1
Privilege Manager for Sudo enhances sudo with new capabilities (central policy server and keystroke logging)
that embrace and extend sudo through the new Sudo Plugin which fits into the Sudo 1.8.1 modular architecture.
Central Sudo Policy
Privilege Manager for Sudo permits sudo to use a central service to enforce a policy, removing the need for
administrators to manage the deployment of the sudoers policy file on every system. This improves security
and reduces administrative effort by centrally administering sudo policy for privileged account management
across any number of Unix/Linux servers.
Centralized Management
Management Console for Unix provides a single management platform for sudo as well as additional Quest
solutions, such as Quest Authentication Services and Privilege Manager for Sudo. It provides a single point
of administration for multiple Quest solutions to simplify administrator- and auditing-related activities across
the entire Unix/Linux environment.
Centralized Reporting
Privilege Manager for Sudo includes Management Console for Unix which provides a single reporting platform
for sudo. Available reports include Access and Privilege Reports that analyze the sudo configuration file, as
well as user accounts and group memberships, and provides a list of the access and privileges that have
been granted to users and systems through sudo. The solution also includes the ability to report on changes
made to the sudoers policy for policy groups through the console including versioning and the ability to revert
to any previous version. This allows for a report that shows who made what changes to the sudoers policy
file, and when. It also includes the ability to report on who ran what sudo command across all managed
systems, and whether the command was accepted or rejected based on the policy.
Event Logging
The Privilege Manager for Sudo event logging feature provides the ability to log all commands performed
through sudo to know which commands were accepted and rejected, who performed the command, and
when the command was performed.
Keystroke Logging
The Privilege Manager for Sudo keystroke logging feature provides the ability to log keystrokes, then view
and replay keystroke logs for end-users that perform activities through sudo. The keystroke log provides a
comprehensive view of what activities were performed and the commands that were executed across all
systems.You can filter the report in many ways to find data quickly. For example, you can filter on specific
commands or for commands run during a specific time period.
Offline Policy Evaluation and Log Synchronization
Privilege Manager for Sudo supports offline policy caching. When a Sudo Plugin host operates offline, it
stores all log files on the host, then synchronizes the log data back to the primary policy server when it
becomes available. (See Privilege Manager for Sudo Policy Evaluation for more information.)
Separation of Duty Enforcement
The Management Console for Unix enforces the concept of separation of duty (SoD) by adding the ability to
assign users to roles within the console. Based on the role, a user is only permitted to perform certain tasks.
For example, the administrator may be allowed to modify the sudo policy, but not to view keystroke log
recordings.