InforcubeFAM文件审计与安全产品介绍.ppt

Here’s an example of how an Imperva customer that’s a regional bank applied File Security They have a legacy application running on a mainframe that integrates with a banking application by exchanging files via a file server. Those files have information in them that is governed by Sarbanes Oxley (SOX) regulations, so the bank needs to ensure that only the applications and authorized users access those files. The bank deployed an Imperva X2500 File Activity Monitoring appliance and are now able to audit and alert on access that deviates from policy. * One of the three primary use-cases for file security is file user rights management (the other two are access auditing and IT operations efficiency). The key requirements for file user rights management are Establish a baseline and periodically updated snapshot of rights by aggregating user rights across all folders – down to the file level, and across all systems Identify who owns the data so that you can work with them on establishing access rights Detect excessive rights to assist owners and those who administer rights in reducing access to a business-need-to-know level Establish a formal rights review cycle to ensure rights are kept aligned with business policy * * SecureSphere File Security takes the user rights information it aggregates and delivers on-screen, interactive views and analysis of access rights You can start out by looking at rights from a summary view. Here we see that data owned by the Finance department has a lot of permissions, and we can drill down to see who has access to their data [BUILD SLIDE] [BUILD SLIDE] Now we see who has access to the data, and if we look at the Groups that have access we can see that the GA group has access to Finance data. To understand that that means exactly, we can look at who exactly is being given access [BUILD SLIDE] And, here we see the users that end up with access when the GA group is given rights. Note that we can pull organizational d