PUM

NetIQ (formerly: Novell) Privileged User Manager (PUM)

Product details and history

"Powerful auditing tools capture system transactions and user activity to the keystroke level, and automated rules can randomly select activity records for auditors on any given schedule. Multiple levels of encryption protect sensitive data from unauthorized personnel and comprehensive auditor review utilities build permanent records for legislative compliance. The underlying data is optimized for easy investigation and the system architecture is designed for maximum protection against electronic or physical tampering."

A logged shell with a local agent and a remote server. The server provides a live playback of the audit period, among others - this can be either a Unix shell or even a Windows RDP session.

http://www.novell.com/connectionmagazine/2010/11/secure_superusers.html

NetIQ Privileged User Manager

https://www.netiq.com/products/privileged-user-manager/

NetIQ Privileged User Manager 2.3.1 Release Notes

https://www.netiq.com/documentation/privilegedusermanager23/readme/data/privilegedusermanager_readme.html

Novell Privileged User Manager

http://www.novell.com/promo/home/pum.html - 'Visit our Product Page' redirects to NetIQ

Fortefi Compliance Auditor: Overview (down since a few years)

http://www.fortefi.com/products/compliance/index.shtml

2006 - Attachmate acquires NetIQ

2006 - ? Fortefi announces Command Control

2007 - Fortefi announces Compliance Auditor

2009 - Novell acquires Fortefi

2010 - Attachmate acquires Novell http://en.wikipedia.org/wiki/Novell#Acquisition_by_Attachmate

2011 - Attachmate transfers some of the Novell portfolio to NetIQ http://www.actionidentity.com/netiq

Formerly known as Fortefi Command Control and Compliance Auditor (presented in the HP and RedHat software catalog)

From 2.3.1, product transferred to NetIQ and marketed as NetIQ Privileged User Manager by Novell/NetIQ owner Attachmate

Platforms:

AIX, HP-UX, Solaris, Tru64, Linux, Windows

AIX

Fileset: novellnpum (agent)

SRC: service 'npum'

Processes: unifid (2 instances)

Ports: TCP 29120 (required), UDP 29120 http://www.novell.com/support/kb/doc.php?id=7007094

Config file: /opt/novell/npum/config/unifi.xml

Log (agent): /opt/novell/npum/logs/unifid.log

Some obscure binaries: unifi, unifid, unpak, usvc

Under /opt/novell/npum/service/local/bin, a bunch of 'rexec' commands: ccsum, pcksh, rutcsh, ssh (OpenSSH 5.5p1 in novellnpum 2.3.0.0), sush, udsh, uscp, usrun, usvi

Other products

Balabit Shell-in-a-box