Symark International PowerBroker
Strengths: Solid account management for Linux/UNIX systems, including keystroke logging.
Weaknesses: Applies only to Linux/UNIX systems.
Verdict: If you have a large Linux/UNIX farm, look at this tool carefully.
The Symark PowerBroker is a policy-driven, privileged access control application that provides granular account access delegation, detailed logging and reporting, and centralized administration across heterogeneous Linux and UNIX environments. It provides Linux and UNIX security and accountability by enabling system administrators to delegate administrative privileges and authorization for any Linux/UNIX account, including root, without disclosing the account password.
While this product is installed and run on a Linux system, it does not mean the administrator has to be a Linux guru. We found installation to be quite straightforward, and with some help from the documentation we were able to install this product fairly quickly and easily. Management can be done just as easily with most tasks available either by the command line via a PuTTY session or via an intuitive web GUI.
From a performance standpoint, administrators can create powerful and granular security policies in PowerBroker to restrict user access to specific applications, commands and files. All PowerBroker user activities are recorded - down to the keystroke level, if required. This enables a secure audit trail of every privileged access. PowerBroker further supports these compliance requirements through centralization and administration of security policies, centralized log pooling and encryption of network traffic.
Documentation includes an installation manual and administrator guide, both in PDF format. While these guides offer clear and detailed instructions on installing and managing the tool, they focus more from the command line side and do not go into much detail on using the GUI.
Symark provides 24/7/365 phone and email support at 20 percent of the license fee. A knowledge base, FAQ section and product documentation is also available via the website.
At $3,000 per OS, this can become quite expensive for just managing Linux and UNIX systems. However, we do find it to be a good investment based on its high amount of granularity and auditing power.