Strengths: Solid account management for Linux/UNIX systems including keystroke logging
Weaknesses: Applies only to UNIX/Linux systems
Verdict: If you have a large UNIX/Linux farm have a look at the Symark PowerBroker carefully
The Symark PowerBroker is a policy-driven, privileged access control application that provides granular account access delegation, detailed logging and reporting and centralised administration across heterogeneous Linux and UNIX environments. It provides Linux and UNIX security and accountability by enabling system administrators to delegate administrative privileges and authorisation for any Linux/UNIX account, including root, without disclosing the account password.
While this product is installed and run on a Linux system, it does not mean the administrator has to be a Linux guru. We found installation to be quite straightforward and with some help from the documentation we were able to install this product fairly quickly and easily. Management can be done just as easily with most tasks, available either by the command line via a Putty session or via an intuitive web-based GUI.
From a performance standpoint administrators can create powerful and granular security policies in PowerBroker to restrict user access to specific applications, commands and files. All PowerBroker user activities are recorded, down to the keystroke level if required. This enables a secure audit trail of every privileged access. Additionally, PowerBroker further supports these compliance requirements through centralisation and administration of security policies, centralised log pooling and encryption of network traffic.
Documentation for this product includes an installation manual and administrator guide both in PDF format. While both these guides offer clear and detailed instructions on installing and managing the product, focus is more from the command line side without much detail on the GUI.
Symark provides 24/7, 365 days a year phone and email support at a cost of 20 per cent of the licence fee. A knowledgebase, FAQ section and product documentation is also available via the website. At a price starting at about £1,800 per operating system, this product can become quite expensive for just managing Linux and UNIX systems. However, we do find it to be a good investment based on its high amount of granularity and auditing power.