Views from Around the World

Remember thinking computers?  How about all those diagnostic programs that promised so much and yet delivered so little?  Yeah, I do too.  So I was initially skeptical when I heard about the Novell Support Advisor.  I’m not skeptical anymore.

One of the most frustrating things that support customers go through, is that first level of questions you go through.  The support professional needs to do this to perform some very basic validation and to skip it creates a lot of risk down the line by “missing” some key point.  We’re very fortunate that our customers are usually pretty diligent about doing pre-call checking but there’s always going to be the element of the support pro needing to gather a lot of configuration information and service validation.

For our SUSE Linux Enterprise and OES customers, we’ve turned that bumpy road into a highway.  Any customer can download a copy of the Novell Support Advisor from our site and install it on their Linux or Windows client.  The application uses Adobe’s Flex and Air systems to make the installation super simple and provides an elegant and snappy user interface to what you can of course do through terminal.

The tool once launched allows the user to probe the system for a variety of selectable service and functional options based on categories including connectivity, eDirectory, OES, Print, SLE, Update and Security.  Each category contains multiple service “patterns” that the intelligent diagnostic looks at to make conclusions about the state of the service pattern.  When the data is being gathered some load occurs over a Secure Shell connection to the queried device, but once the data is collected the connection is terminated so network and device load is minimized.  The gathered data is consolidated into an easy to use view that lets the viewer and the support professional see quickly the state of the system.  The tool can also be used to build history to see if things change over time and store that in the Analysis Archive.  Because all the reports are archived, it’s easy to see changes over time and the simple red = critical, green = good dashboard makes information readily accessible

The client also talks to our own update servers to load pattern updates and new patterns, so value increases over time without a lot of admin time required.  The user can select reporting on entire categories or select specific patterns from multiple categories providing enormous flexibility as well as the capability to cut to the chase when doing a problem diagnosis.  If a problem is discovered where help is needed, a service request connection to the NCC can be opened.

Customers can download the tool at http://support.novell.com/advisor/  The tool was released on March 20th, so folks may not yet know about it.

It’s an excellent tool and I want to thank very much the developers for taking me through a quick demo recently.  I encourage all readers to share with customers and prospects that Novell Support has raised the bar in the delivery of more rapid data gathering and diagnosis for Linux systems.  The Novell Support Advisor is a real differentiator sure to benefit anyone who supports a Novell SUSE Linux or OES environment.

Until next time, peace.

Ross

No it’s not a column on arborist skills, I’m referring instead to the proliferation of root capable access on UNIX systems in the corporate IT space.

All too often adminstrators, DBAs, users and other people end up with root level access to UNIX and Linux production systems.  So why is this a problem?  Root is, to all intents and purposes, the supreme deity of the system.  A person with root level access can do literally ANYTHING to the system.  Start it.  Stop it.  Kill processes.  Disable services.  Open ports.  Copy data.  You get the picture.

In the old world it was always simple to just give someone root access or make that person root equivalent rather than doing things the right, but sometimes difficult, way of assessing and setting the right level of privilege at the file, directory, process etc. level.  Managing changes over time became problematic because of the power and complexity of the base security system.  So while it’s “wrong” lots of folks became root equivalent over time because it was fast and they were “ok”.

Now we face the unbiased measurement of compliance initiatives and our systems are found to have more holes than a chunk of swiss cheese or a road sign in some unnamed state.  The draconian fix is to remove the root access but while this works in the very short term, it’s not productive for the real world.

What we really need to do is to be able to simply document who needs root style access to what, without making that person root equivalent.  This is where our new acquistion of Fortefi and Privileged User Management really creates value.

The idea is very simple.  Make a database with a nice GUI front end so we can easily assign the right access to the right user to the right resource so that person can be granted root like privilege for the specific task or role without becoming root equivalent.  The power of using this repository model is that it can provide real time validation of the user’s right to use the command or service without immediate administrator intervention.  Moreover, all actions are logged, so when reporting is needed, the data is in place and easily delivers the report in a usable format.  This is driven because the audit data is reposited in a secure manner that can deliver answers with great speed.  In an infraction investigation, delay is expensive.

While remedial reporting is interesting the real power comes from due diligence.  This daily or other interval check validates that accesses are reasonable and necessary and doesn’t require that an event occur before the risk is found.  It allows managers to sign off on activity samples that creates a robust platform to satisfy auditors and security inspectors.

Novell’s Privileged User Management delivers on these requirements in the following ways:

• 100% keylogging of privileged access
• Automatic grading of risk level
• Super user privilege management
• Realtime logging and monitoring
• Proactive compliance management
• Audit the auditor

Novell’s solution not only mitigates risk and simplifies security it also saves on operational expense.  For example to manage the common SUDO function across 1500 servers could take as much as 80 hours.  With the Novell solution, the time required is less than six hours for the same number of servers.

So who can benefit from Novell Privileged User Management?  Literally any organization that uses UNIX or Linux will benefit because root equivalence creep is not only widespread, it’s been a tacitly acceptable practice for years.

My request of you is to think of all your customers or prospects who use UNIX or Linux and make a call to share with them the real risk of root equivalence creep and ask for the opportunity to speak with them about Privileged User Management.  It solves this problem quickly and efficiently and can also be an extremely proactive risk management initiative.

Until next time, peace.

Ross