COSduty architecture description


Solutions	\| User provisioning \| Job scheduling \| \| Output management \| \| Operations workflow management \| Security \|
Products	\| COSuser \| COSbatch \| COSprint \| COSduty \| \| OSM toolset \| Secure shell auditing \|
Customer service	\| Support and maintenance \| Education and training \| \| Consulting \|
Resource library	\| Datasheets and brochures \| White papers \| Case studies \| \| Article reprints \| Presentations \| Demo software \| \| Press releases \|
Partners	\| Already a partner \| Become a reseller \| \| Locate a partner \| Technology partners \|
About OSM	\| Our company \| Our customers \| Contact us \| \| How to find us \| Employment \| \| Legal information \|


	home \| contact \| COSuser \| COSprint \| COSbatch

COSduty-SSA architecture

COSduty-SSA employs a central server component for each of its three major functions. In the case of procedure and duty management, the procedure repository, access control, scheduling, workflow, automation and managed system information are all controlled centrally.

In the case of Privileged User Management, the central server channels all interactive traffic between the administrators' desktops and the managed systems, importantly acting as each administrator's proxy by opening a privileged user session on the managed systems before connecting the administrator and active session together.

The COSduty-SSA server also actively monitors privileged users' sessions in detail and passes the logging information to the audit log server for safe storage. The audit log server is recommended to be a separate system with strong security.

In the case of the Password Vault, again a secure, central repository is required to store administrator passwords, distribute them to the managed systems, run the password generation processes and respond to the users who are responsible for authorizing their release to the engineers who need to use them.

Managed systems are equipped with agents which respond to the central server modules and act locally.

A summary of the characteristics of the COSduty-SSA central server follows:

The software runs on all major variants of UNIX and Linux
There are several configurable communications methods including industry standards such as SSH and OSM's own encrypted method
Contains the OSM Toolset command library to support the development of new procedures
Includes failover capability to support failover to another central server for improved availability
Provides the scheduling functionality for scheduled duties
Contains pre-configured duties for routine security checks for common variants of UNIX and Linux
Contains pre-configured duties for requesting privileged user sessions
Manages all controlled access

The following are the notable characteristics of COSduty-SSA agents

The agent runs on all major variants of UNIX, Linux and Microsoft Windows operating systems
Supports the remote end of whichever communications methods have been configured for use on the Server
Lightweight, remotely installable from the COSduty-SSA Server and requires no host-specific licence key

Audit trails and logs

Audit trails and logs generated by COSduty-SSA are immediately transmitted to an Audit Log Server, most often a low cost appliance with no other function.

The main characteristics of the COSduty-SSA Audit Log Server are:

The software runs on all major variants of UNIX and Linux
Safely holds activity logs away from privileged users who are being audited
Keeps activity logs in a relational database format for easy search, query and reporting and for scanning so as to alert management to suspicious command sequences.

Privacy

Legal

Contact