|
Centralizes access control and enforces the implementation of your security policies.
RetiShield is a product that centralizes access control and enforces the implementation of your security policies to regulate, audit, control and access to your sensitive resources, prevent hacking and information leakage.
- What security threats does it assess?
- RetiShield do not only provide hacking prevention mechanism and full control of your process, users and object flow in your systems but also adds a layer of security in order to properly secure servers, even if a breach has occurred.
- This way your data remains protected at all time.
In a general aspect, RetiShield will allow you to answer the demands of regulatory compliance and easily enforce your security best practices.
- What features does it offer?
- RetiShield provides a unique combination of cross-platform server protection, allowing you to defined fine-grained access control policies through the use of security labels, resources isolation, roles definition and advanced access control lists between objects (process, users, programs¡K) and subjects (files, directories, registry¡K).
- Moreover, to enforce system security, RetiShield will help you implement your security policies through user account enforcement, advanced anti-hacking (web and host based) mechanism, IP flow control and real time logging, activities recording, replay and reporting.
- Why is RetiShield critical for my risk management process?
- Through separation of duties and the establishment of roles to regulate access onto your critical systems, you can easily secure your systems, by mapping your organization structure and security policies on the servers you wish to protect.
- With its advanced access control, RetiShield will allow you to totally annihilate attacks impacts and therefore provide proper deterrence.
- Through its advance auditing features, you conform to regulation compliance, verify your countermeasures efficiency without impeding productivity.
RetiShield™ Series
Global multi-platform access control for optimum risk management
New challenges in security: Access Controls Importance of information systems security is nowadays taken into consideration in most industries. Despite common threats are being continuously re-evaluated; countermeasures are often only deployed at the border network (IDS/IPS, proxy, firewalls...) or at the workstation level (antivirus, user accounts, files privileges...).
- It becomes more and more difficult to enforce and globally manage security policies on multiple systems.
- While protection become stronger, the complexity of the management at both network and workstation level is increasing. It becomes more and more difficult to enforce and globally manage security policies on multiple systems.
- Since protection against external threats has become stronger, most of financial loss now comes from information theft and unauthorized access to data (est. to US$ 21 millions in 2006) mainly due to internal hacking, malwares and improper or wrongly applied security policies caused by disparate resources, security management and users turnover.
- To avoid the hassle of managing a patchworked security, resources and in order to fully control undetected access to information from authorized systems, users or malwares: a new layer of access control is required.
- RetiShield™ : the ultimate solution for a global and granular access control management
- With more than 8 years of experience in information security, RETI is introducing RetiShieldTM: a software solution that a strong access control in order to achieve B1 protection on multiple operating systems.
- Based on Mandatory Access Control a label based protection system, agent oriented design enforce effective security on multiple platforms.
- RetiShield also offer additional authentication modules as well as centralized management, real time reporting and playback interface.
- Mandatory access control Management solution and B1 protection
- The limitation of current discretionary access control is obvious: Super users always have the right to avoid security policy; Compromise a system, get "root" access and control the system.
- The goal of Mandatory Access Control (MAC) is to deny users full control over the access to resources they created. The system security policies (set by the security officer) will determinate the access rights on a system where a user may never grant less restrictive access to their resources than the one specified by the administrator. This way information owners may not grant access to un-authorized users.
- In the end, a "minimum level of access security" is guaranteed, often called "B1 protection". B1 protection level is defined in the orange book and refers to mandatory protection implementation according to TCSEC evaluation criteria.
- Requirements for B1 protection must include an informal statement of the security model, data sensitivity labels, implementation of a mandatory access control over selected subjects and objects and security label exportation.
- The effective access is then defined by the authorization for a subject to access an object based on security labels and not based on file access privileges like standard discretionary access controls.
- RetiShieldTM agents implement a modified Bell-LaPadula model based protection. Using MAC and a need to know concept for a user to access an object, where subject with a lower sensitivity level than an object cannot READ its information. Similarly, subject with higher level of sensitivity cannot WRITE on an object with lower sensitivity level.
Back to top
|
PRODUCTS 
