XYGATE Access Control (XAC)

Granular, Role Based Access Control (RBAC) and Keystroke Auditing for HPE NonStop™ Servers

Accountability is a basic compliance requirement and fundamental system security. A common challenge faced by security administrators involves the control of access to, and sharing of, powerful user IDs such as SUPER.SUPER. Often it is necessary for some users to have access to these IDs in order to perform their jobs.

In contrast, responsible security and compliance requires each system user have a single and unique user ID. The challenge is to enable them to perform all of their job functions from this single and unique user ID.

XYGATE Access Control (XAC) allows for greater flexibility in configuring system access. XAC offers powerful, granular access control, allowing HPE NonStop customers’ security administrators to easily configure access according to users’ roles and responsibilities so that individuals are given access to the right set of system resources. The configuration settings defined in XAC govern whether user requests to run system utilities or other programs are granted or denied. “Allow” and “Deny” features restrict commands within programs and utilities to the subcommand level, supporting segregation of duties and adhering to the Principle of Least Privilege (POLP).

Whether your organization chooses to very specifically define a job function down to individual sub-commands, or fewer restrictions but with complete session and keystroke audits, XAC facilitates the creation and maintenance of this secure environment without compromising employee effectiveness and efficiency.

Flexible Keystroke Audits

XAC has extremely flexible auditing options so that no action is invisible. Each command can have specific auditing parameters associated with it. For example, you could choose to audit the keystrokes of a particular user, you can also configure an XAC command that starts a FUP process as SUPER. SUPER which may have requirements to be strictly audited: every keystroke entered, all outcome responses, and even the first 25 lines of output generated during the use of the FUP can be captured by XAC.

Key Features / Benefits

  • Controlled use of commands and subcommands
  • No shared user IDs
  • Individual accountability
  • Port and IP address restricting
  • Configurable keystroke logging
  • Complete and accurate user accountability
  • Supports Guardian and OSS

Achieve the balance between security and accessibility.

Whether your organization chooses to define job function to the finest granularity, with every possible command entry controlled, or if they choose to have fewer restrictions but with complete session and keystroke audits, it’s absolutely critical to maintain a secure environment without compromising employee effectiveness and efficiency.

Contact Sales