Eurekify

      




Overview

Sage Audit is the ultimate tool for ongoing management of role definitions, periodical auditing of privileges, and enforcement of policies and regulations. Sage Audit uses Sage's patented pattern recognition technology to analyze existing privileges data and identify exceptions and deviations from common and typical patterns. In addition, Sage Audit reports various statistical exceptions and outliers. Sage Compliance allows specification of policies and regulations using simple rules, which can then be checked against the current privileges and role definitions. Sage is a non-destructive off-line analysis tool that is applied to privileges data that is imported from one or more relevant platforms and applications. Sage Audit allows tracking all exceptions and deviations, as well as immediate remediation of all alerts. All changes made in Sage in response to such alerts can then be applied directly to the target platform, reported for manual administration, or stored in an independent repository. Sage runs on a Windows-based personal station.


Where and When to Use

  • Identity Management Projects. To avoid a situation where a new provisioning system is automating the bad habits of yesterday, one must first clean up and streamline privileges on the source platforms. Sage Audit helps in this cleanup and preparation, as well as in reviewing role definitions and provisioning policies (whether existing, or defined using Sage Discovery).

    • Role-based auditing and cleanup shall be applied to each single-platform and to cross-platform privileges data before they are loaded to the new IdM platform

    • Role-based auditing shall also be applied to role definitions created during the role engineering project, as a means of quality assurance and additional cleanup and compliance

    • Role-based auditing and compliance shall be applied to the entire IdM platform periodically
      Review some of the benefits of Sage in an Identity Management Project.

  • Role-based management of privileges on a mainframe, enterprise directory, ERP, or any other application. Role-based auditing is important to maintain the quality of role/group definitions. It is also important to check that privileges and role definitions comply with organizational policies and external regulations.

    • Role-based auditing shall be applied on a periodical basis, and more frequently in periods of significant changes such as mergers, restructuring, etc.

    • Compliance checking shall be performed periodically, depending on the policy being checked, especially as part of internal/external IT auditing effort, and possibly as part of special efforts to document compliance.
      Review some of the benefits of Sage for auditing privileges and checking for compliance on a single major platform.


Sage Audit Functions

  • Identification of out-of-pattern individual privileges, often associated with erroneous and outdated privileges

  • Identification of users suspected as "collectors"

  • Identification of resources that are not allocated according to an orderly policy

  • Identification of ad-hoc privileges that do not follow from a role/group policy

  • Identification of privileges outliers, including dead accounts, unused resources and groups, privileges packers, etc.

  • Review role/group definitions to identify out-of-pattern privileges and users

  • Review role/group definitions to identify duplications, overlaps

  • Review role/group definitions to identify potential extensions and optimizations

  • Review role/group definitions and privileges assignment against one or more organizational policies, segregation of duty requirements, and common regulations.


Environments

  • Identity Management of virtually all vendors

  • Mainframe, e.g. RACF, TSS

  • Enterprise Directory, e.g., Active Directory

  • ERP systems, e.g. SAP

Click here for further information on SAGE DISCOVERY

Click here for further information on SAGE

PDF Downloads:

Windows XP (WindowsXP, WinXP, Win XP, WXP) windows NT (WindowsNT, WinNT, Win NT, WNT), Windows 2003 (Win 2003, Win2003, W2003), Windows .Net Server (Win .Net Server, Win.Net Server), Windows Server 2003 (Win Server 2003, WinServer 2003) Windows 2000 (Windows2000, W2K, Win 2K, Win2K, Win2000, Win 2000, W2000) Windows 98 (Windows98, Win98, Win 98), Vista

Mainframe, IBM OS/390 (os390, MVS, zSeries, z/OS, zos, z series, V2R10, V1R1, V1R2, V1R3, V1R4), VM, VSE, Linux, IBM OS/400 (os400, A/S 400, as400, iSeries, i series, AS/400, i5/OS V5R3, i5os) UNIX, IBM AIX (pSeries, p series), HP-UX (HPUX, HP UNIX), Sun Solaris, Compaq Tru64 (Tru 64), Novell Netware (Bindery, NDS), Linux, DEC VAX/VMS, Open VMS, OpenVMS, Oracle, SAP, MQ,

SSH server, SSH client, SFTP server, SFTP client, FTPS server, FTPS client, HTTPS, HTTP, FTP/S, solaris sparc solaris x86, mac osx, mac os x, mac 10, mac 9, Tandem, non stop, NonStop, HPUX Itanium HP-UX, PGP

TCP/IP (TCPIP), ODBC, FTP, Lotus Notes, Lotus Domino, Websphere, Apache Tomcat, BEA Web Logic (WebLogic), Tivoli Netview, Sun ONE Application Server, Microsoft .NET, SQL, LDAP, SQL Server, RACF (SecureWay Security Server), CA-ACF2, CA-Top Secret, Internet Explorer 6.x (IE6, IE 6), Internet Explorer 5.x (IE5, IE 5), Netscape 7.x, Netscape 6.x, Firefox, Mozilla, Opera

Completing the jigsaw
with solutions from:

 Identity Management, IdM, IAM, Provisioning, enhanced, managed, Secure File Transfer, Network, website, availability, performance, monitoring, monitor, Password Management, enterprise software solutions. CyberFusion, SIFT, SecurPass, Pro:Atria, EUA, RBAC, web site, single signon, sso, password synchronisation, password, self reset, Windows XP (WindowsXP, WinXP, Win XP, WXP) windows NT (WindowsNT, WinNT, Win NT, WNT), Windows 2003 (Win 2003, Win2003, W2003), Windows .Net Server (Win .Net Server, Win.Net Server), Windows Server 2003 (Win Server 2003, WinServer 2003) Windows 2000 (Windows2000, W2K, Win 2K, Win2K, Win2000, Win 2000, W2000) Windows 98 (Windows98, Win98, Win 98) Mainframe, IBM OS/390 (os390, MVS, zSeries, z/OS, zos, z series, V2R10, V1R1, V1R2, V1R3, V1R4), VM, VSE, Linux, IBM OS/400 (os400, A/S 400, as400, iSeries, i series, AS/400, i5/OS V5R3, i5os) UNIX, IBM AIX (pSeries, p series, rs6000, rs/6000), HP-UX (HPUX, HP UNIX), Sun Solaris, Compaq Tru64 (Tru 64), Novell Netware (Bindery, NDS), Linux, DEC VAX/VMS (OpenVMS, Open VMS), Oracle, SAP, MQ, TCP/IP (TCPIP), ODBC, FTP, Lotus Notes, Lotus Domino, Websphere, Apache Tomcat, BEA Web Logic (WebLogic), Tivoli Netview, Sun ONE Application Server, Microsoft .NET, SQL, LDAP, SQL Server, RACF (SecureWay Security Server), CA-ACF2, CA-Top Secret, Internet Explorer 6.x (IE6, IE 6), Internet Explorer 5.x (IE5, IE 5), Netscape 7.x, Netscape 6.x, Firefox, Mozilla, Opera , proatria, uk, Pro:Atria, proatria, uk, yeovil, somerset, west country, england, united kingdom, uk, great britain, gb,website design, webs by design, webs-by-design.co.uk, webs by design (global) ltd, bob osborn