Fabrikant.ru implements an access control system

On December 12, 2013 the Status Compliance company announced implementation in a network circuit of the trade Fabrikant.ru portal of a control system of access for privileged users to servers on the Wallix AdminBastion (WAB) platform.

Project Tasks

The Fabrikant.ru company needed the reliable and convenient mechanism of control allowing to identify the specific employee and his action (including unauthorized) a system, for decrease in internal risks of information security. According to the results of the tender the project of creation of such system was entrusted the Status Compliance company which proposed the solution on the basis of Wallix AdminBastion (WAB) technologies.

Project Results

The security service of the trade portal received the effective tool for independent access control of technical specialists to servers of the portal, control of their activity in real time and pro-active prevention of possible incidents.

"Our portal integrates already more than 120,000 participating companies on the different industries. Customer confidence is a fundamental factor in our work, – Sergey Gabestro, the CEO of the trade Fabrikant.ru portal noted. – We pay special attention to security issues of biddings and confidential information protection".

The created control system of access represents uniform point of entry and does not require installation of agents on servers or workstations. Its implementation affected the most important elements of IT infrastructure of the trade portal including database management systems, containing critical information on biddings. Therefore within the project the functionality of WAB regarding access control of privileged users to databases on the SQL protocol is added.

A system covers all components of an industrial segment of the trade Fabrikant.ru portal and provides access control under protocols of ssh (to servers and telecommunication equipment), SQL, RDP, a "transparent" input of users on devices at successful authentication, allows to conduct monitoring of active sessions with an ability to manage them in real time, etc.

For the operational notification about possible incidents a system automatically sends to security officers corresponding e-mail or SNMP notifications. The format of event logs allows to store and archive the commands which are directly entered by administrators and their results in a type, convenient for perception and the analysis. It reduced time necessary for cybersecurity specialists for the analysis of the executed transactions and taking measures to minimization of possible damage, from two tens minutes to several seconds.