Menu
Quest extends Unix Sudo tool

Quest extends Unix Sudo tool

Enterprises can now run user compliance reports against Sudo

Reflecting the growing need for automation tools in the enterprise, Quest Software has released a software package that could help Unix administrators better manage policy files that determine which users can access privileged material and programs on Unix and Linux systems.

The package extends the capabilities of the Unix Sudo tool. "A lot of our customers have been using Sudo for many years. This provides them with compliance and reporting capabilities," said Jackson Shaw, Quest senior director of product management.

The newly released Quest One Privilege Manager for Sudo can provide a lower cost alternative to other enterprise access management software packages for Unix, Shaw argued, because it leverages the free Sudo utility and doesn't require administrators to learn a whole set of new commands.

Sudo proves a way for users to run specific sensitive system commands and programs without needing the full root access to a machine. Administrators can limit what advanced access rights each user can enjoy when evoking the Sudo command.

About 18 months ago, Quest hired the Sudo project maintainer, Todd Miller, to maintain the open-source software on a full-time basis -- he had been working on Sudo during his free time before then.

While widely used, Sudo has limitations in the modern enterprise environment, Shaw argued. An administrator may have to manage the Sudo polices across dozens or hundreds of servers, and making changes can involve manually copying policy files across multiple machines.

Also, Sudo offers little help with reporting on how an organization meets its compliance regulations and policies. "A lot compliance regulations want not just who had access to something, but what they actually did," Shaw said. For instance, Sudo can keep a log of how it was used, but not what keystrokes were used within Sudo mode.

Privilege Manager addresses these concerns. Quest's software was built on the plug-in architecture introduced in Sudo 1.8, released in March. The package contains a central policy server, from which administrators can edit the policy files, which are then distributed to all the servers.

The package also includes a keylogger plug-in, which can capture all the actions within a Sudo session. With this plug-in, an administrator could find out what a user did during a particular session, or who issued a specific command at a particular time. The package can also produce reports of who has privileged access, and what programs they can run. The software can be run from the command line, so it can be incorporated into administrator scripts.

Quest One Privilege Manager for Sudo, available Thursday, costs US$59 per server.

Joab Jackson covers enterprise software and general technology breaking news for The IDG News Service. Follow Joab on Twitter at @Joab_Jackson. Joab's e-mail address is Joab_Jackson@idg.com


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags open sourceLinuxoperating systemsunixsoftwarequest softwaremaintenanceUtilitiesnon-Windows

Featured

Slideshows

Reseller News Innovation Awards 2019: meet the winners

Reseller News Innovation Awards 2019: meet the winners

Reseller News honoured the standout players of the New Zealand channel in front of more than 480 technology leaders in Auckland on 23 October, recognising the achievements of top partners, emerging entrants and innovative start-ups.

Reseller News Innovation Awards 2019: meet the winners
Malwarebytes shoots the breeze with channel, prospects

Malwarebytes shoots the breeze with channel, prospects

A Kumeu, Auckland, winery was the venue for a Malwarebytes event for partner and prospect MSPs - with some straight shooting on the side. The half-day getaway, which featured an archery competition, lunch and wine-tasting aimed at bringing Malwarebytes' local New Zealand and top and prospective MSP partners together to celebrate recent local successes, and discuss the current state of malware in New Zealand. This was also a unique opportunity for local MSPs to learn about how they can get the most out of Malwarebytes' MSP program and offering, as more Kiwi businesses are targeted by malware.

Malwarebytes shoots the breeze with channel, prospects
Show Comments