Secure your network with OmniGuard/ESM
AXENT Technologies' OmniGuard/ESM (Enterprise Security Manager) 4.4 is a
multi-platform security monitoring system that includes support for
Windows NT. OmniGuard/ESM is extremely useful in a single-server environment but is downright invaluable in a multiserver environment that includes NT Server, UNIX, OpenVMS, and Novell IntranetWare.
OmniGuard/ESM lets a network manager verify that security policies are in
place. For example, your corporate security policy may require that
passwords are at least six characters long. Checking for this policy is simple
for a single-server environment but tedious for larger networks. OmniGuard/ESM
can easily perform this check in a multiserver environment. But this feature is
just one of OminiGuard/ESM's functions.
You can configure OmniGuard/ESM so that security policymakers and security
policy implementers are not the same people. This capability lets a security
manager create a policy and see reports on the network's status, but not change
any of the security elements in NT (or any other operating systems). Network
managers can see policy reports but not change the security policy. However,
they can change the security elements within NT.
Usernames and passwords are one aspect of security that OmniGuard/ESM
checks. The software can check password durability, which includes password
length and matches with common words. You can also include a set of
company-specific words so that users don't have passwords that match project
names. OmniGuard/ESM checks file attributes, directory attributes, system
auditing settings, and even system startup files. Platform-specific checks, such
as email checks for UNIX and NetWare, are also available.
OmniGuard/ESM uses client/server architecture. A client, or OmniGuard/
ESM agent, runs on a PC where security will be checked. The server is where
OmniGuard/ESM maintains and manages the results of the security checks. Security
managers can access the server to make changes and run reports. Network managers
can also run reports.
Although using OmniGuard/ESM does not guarantee a secure network, it
does let you identify potential security problems. The software recommends
changes and provides both text and graphical reports that are easy to
understand.
Installation
Installing OmniGuard/ESM was quick and simple. The program installed both
the NT OmniGuard/ESM agent and the NT OmniGuard/ESM server. The OmniGuard/ESM
CD-ROM contains software for agents and servers for each platform supported. The
OmniGuard/ESM server installation process requires a special license key,
which incorporates licensing details such as the number of supported agents.
Installing OmniGuard/ESM on a second NT server and an IntranetWare server
required agent installation only. The software uses TCP/IP as the transport
between agents and server. TCP/IP support was already in place, so the software
needed no additional configuration for network operation. You can also use IPX
with IntranetWare environments.
Installation for both the NT Server agent and server was identical. The
IntranetWare agent installation was slightly different, because the agent is a
NetWare loadable module (NLM). The IntranetWare agent required a registration
step for the NT OmniGuard/ESM server to recognize it. Agents are always running,
but they perform checks only on server requests.
You can manage large, distributed networks by interfacing multiple Managers
to centralized Super Managers. I implemented a single Manager environment. Super
Managers let you forward security information to a central location.
OmniGuard/ESM lets you group agents into domains. The domains are often
configured to match the NT domains, but this is not a strict requirement.
Instead, the OmniGuard/ESM domains can match the security requirements. For
example, high-security areas can map to one OmniGuard/ESM domain and
low-security areas can map to another domain.