- 10 Microsoft research projects
- 10 kitchen gadgets for the geek gourmet
- Verizon trounces competition
- Smartphone smackdown: Storm vs. iPhone
- FBI warns of holiday cyber scams
|
||||
Symark, late in 2006, broke code development ranks with OEM partner eDMZ Security. The PowerKeeper 2.0 running on HP hardware we tested represents some slight changes in terms of flexibility, operating system and application support between the two offerings. The company plans to release PowerKeeper 3.0 this summer, but that revised code was not ready for us to test.
Symark's PowerKeeper is a password safe that can take on increasing gradients of password control -- from general user account access to servers right up through to root access to administrative accounts on business critical resources. Additionally, like all of its competitors, PowerKeeper can tap into layers of third-party authentication mechanisms as well.
At its highest level, an organization's passwords become totally dependent on PowerKeeper's resources, and its domain of passwords becomes autonomous, where even high-level administrators don't know what they are. There is no locksmith you can call; like e-DMZ's PAR, the appliance disk is encrypted with AES-256.
This high level of controlled use also mandates that PowerKeeper, like e-DMZ PAR, be backed up and made highly available. To that end there are cold spare and paired-hot spare options offered by Symark should disaster recovery or route availability problems to the PowerKeeper appliance arise. In this redundant configuration, a chain of authority is created that vets according to pre-determined applied policy.
PowerKeeper was supplied as a physical appliance based on an HP DL360G5 server. Like e-DMZ, it's a Windows hardened server with no console capabilities. There is no access to the operating system after installation.
Administration of the appliance is separated from the application functionality of the appliance; passwords for appliance administration are separate from those involved with the privileged password authentication services afforded by the product. The administration passwords can be authenticated against another source, such as the RSA SecureID platform we used, but Symark recommends at least one password be unencumbered by a possibly/potentially unavailable authenticator. Passwords can be strong, but it's not easy to set policies regarding password length and enforce these policies accordingly as the Symark admin user interface is somewhat difficult to use.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment