EnterSpace Data Sheet


EnterSpace 7.0.4.3 Data Sheet

ENTERSPACE BUNDLE COMPONENTS

Policy Engine
The policy engine is the heart of EnterSpace. It evaluates digital access control policies and makes dynamic, real-time decisions whether to grant or deny access.

EnterSpace Portal
The EnterSpace Portal is a centralized dashboard for creating and managing policies and performing administrative actions. It includes simple and advanced policy editing modes:
  o Simple editing mode is a graphical user interface (GUI) with a drag-and-drop policy rule builder and a Boolean logic tree containing rule expressions. This mode lets you create or change multiple policies, with a focus on resource hierarchies.
  o Advanced editing mode is a command string text editor for raw XACML 2.0/3.0. With this mode, you can create or change a "raw" XACML policy set, with a focus on attributes.
For a comparison of the functionality in each editing mode, see Policy Manager Editing Features in Simple and Advanced Modes.

Complete technical documentation set.

EnterSpace Java Development Kit (JDK).

Embedded HSQL database to store policies, configurations, and logs (logs are in Common Event Format for integration with SIEM tools such as HP ArcSight and Splunk).

Default embedded HSQL "HRConnector" database for basic policy creation during evaluation.

Built-in configurable connectors that retrieve and enrich attribute data from external data sources:
  o HyperSQL (HSQL)
  o Microsoft (MS) SQL Server (2008, 2012) in simple authentication mode
  o MySQL
  o Oracle database
  o PostgreSQL
  o LDAP/LDAPS, including Active Directory
  o PKI
  o SAML v1.1 Attribute Query
  o SAML v2.0 Attribute Query

Bundled Secure Token Service (STS).

Bundled Central Authentication Service (CAS).

EnterSpace Decisioning Service can be integrated with other RESTful authentication services, such as OpenID Connect/OAuth 2.0, to enhance Single Sign-On (SSO) with attribute-based access control (ABAC).

2016 Jericho Systems Corporation. All Rights Reserved. www.jerichosystems.com

COMPATIBILITY

HTML5, CSS3, and JavaScript. Fully tested browsers include the more current versions of Mozilla Firefox (v26) and Google Chrome (v33). Other web browsers may work, but they have not been tested. Internet Explorer is not recommended.

SAML v1.1/v2.0, XACML v2.0/v3.0, and SAML v2.0 profile of XACML v2.0/v3.0.

Java SE 7 and 8.

COMPLIANCE

The bundle is FIPS 140-2 compliant and certified as interoperable with the Department of Defense (DoD) Public Key Infrastructure (PKI) by Joint Interoperability Test Command (JITC).

SYSTEM REQUIREMENTS

Minimum one dual-core processor (rack or stand-alone).

Keyboard, Video, Mouse (KVM) access.

2GB free space on disk to install EnterSpace Decisioning Service. This does not account for page swapping and auditing.

A minimum of 2GB of application memory space.

Server operating system:
  o Linux. On Linux systems, 64-bit for CentOS. Other Linux operating systems require 32-bit or 64-bit. The minimum O/S version tested: CentOS 5.9 (kernel version 2.6.18-348.6.1.el5). We recommend the latest version of CentOS Linux.
  o OR Server with Windows Installed. On Windows systems, 32-bit or 64-bit operating systems. The minimum O/S versions tested: Windows 7 Ultimate, Windows 7 Enterprise, and Windows Server 2008 R2 (domain membership is not required).

NETWORK REQUIREMENTS

Single NIC installed on machine.

MAC addresses before deployment to generate the Jericho Systems production license. Evaluation licenses are set to expire.

APPLICATION ACCOUNTS REQUIRED

Administrator credentials to local machine. Most production installations will only provide a non-ROOT account for running EnterSpace Decisioning Service.

Appropriate service accounts necessary to interrogate remote systems.

POLICY MANAGER EDITING FEATURES IN SIMPLE AND ADVANCED MODES

The Policy Editor in EnterSpace Portal provides these capabilities by policy editing mode.

Capabilities

Policy evaluation. Evaluates a user request based on digital policies, renders a decision, and transmits it to a policy enforcement point (PEP). Evaluation performs the same when the parent and/or child policy being evaluated is created using either editing mode.

Authentication neutral. The system supports whatever authentication mechanisms an enterprise deploys, including username and password, biometrics, X.509 certificates, SAML assertions, and more.

Rules-based authentication support. Allows graded authentication in which users who authenticate with two factors can be enabled to perform more functions on more resources than users who authenticate with username and password.

Resource hierarchy and policy inheritance. Manages resources using a GUI with a resource hierarchy that allows policy inheritance. This can aid in categorizing large numbers of resources, for example, securing documents that are in a folder structure.

Drag-and-drop policy rule builder. Builds policy rules associated with a resource-action pair using a drag-and-drop GUI.

Boolean logic policy rules

XACML 2.0. Creates and edits XACML 2.0 policies in a text editor.

XACML 3.0. Creates and edits XACML 3.0 policies in a text editor.

Policy reuse. Supports shared plans so that previously created policy rules can be reused in other policies. In advanced mode, policies can be reused by configuring policy setid references.

Comments. Stores comments with policies. In advanced mode, comments can be included as descriptions in the XACML policy itself.

Advices and Obligations. Supports advices and obligations that are stored in policies.

Conversion. Policies created in simple mode can be converted to advanced mode.

Embedded database. An out-of-the-box basic HRConnector database is provided for policy creation. You can use this for experimentation.

XACML policy debugging. Allows tracing the evaluation of a XACML policy.

Policy Impact Analyzer. Analyzes two different versions of a policy.

Policy workflow and staging

Policy import and export. Imports and exports raw XACML policies into a text editor. You can use scripts for bulk import or export of policies.

Auditing and activity logs. Performed on policy evaluations and changes to system objects, such as policies, resources, and connectors. Configurable from a full stack trace of the policy evaluation, with the complete request and response context detail, down to a simple summary. EnterSpace Decisioning Service has out-of-the-box support for file and database audits, CAS audits, plus an API for custom audit needs.

Clustering. EnterSpace Decisioning Service instances can be clustered in a domain for availability and scalability. Clusters are intended to work alongside a network load balancer.

Realm Viewer. Displays information about all nodes in a cluster and their status.

Connector architecture. Allows Decisioning Service to look up attributes from external data sources when a policy is evaluated. Decisioning Service has out-of-the-box support for databases, LDAP directories, Active Directory, and SAML attribute responders. An API is available for custom connectors to be developed.

Event triggering. When a policy is evaluated, events can be triggered, such as sending an email, instant message, and alarms, or updating data sources. Out-of-the-box, Decisioning Service provides email and JMS events. Custom events can be developed using an API.

Campaigns with shared policies as children, events, and payloads

N/A

N/A

Roll-back to previous version of a policy

History log. Shows details of prior versions of policies.

Admin User Privileges management. Implements fine-grained access control over policy and connector management using EnterSpace Portal.

Last updated 18 December 2014