Jump to content

Varonis® DatAdvantage® for UNIX/Linux

Start a Free TrialorRequest a Demo

Interested but want to learn more? Register to download our free whitepapers, webinars, and case studies.

Overview

The Challenge

UNIX and Linux file servers present significant management and protection challenges to administrators:

  • Permissions: Determining who has access to a folder, especially with a combination of UNIX and POSIX ACLs, which folders a user or group has access to, and identifying excess, unneeded.
  • Access Auditing: IT can't answer pressing questions like, "Who accessed or deleted my data?"
  • Data Ownership: IT can't reliably identify business owners of shares and folders.
  • Operational: Manual permissions and group changes are unreliable.
  • High Risk: Stale, excess permissions are rarely revoked. The "Everyone" group is out there—a problem that is hard to find and fix. Critical files and folders are exposed.

The Varonis Solution

Varonis® DatAdvantage® addresses these challenges by aggregating Active Directory user and group details, ACL information and all data access events—without requiring native OS auditing—to build a complete picture of who can and who is accessing data, and who should have their access revoked. It also leads IT to rightful data owners, so the right people can ensure appropriate access and usage. With the Varonis Data Classification framework, IT can immediately identify folders with excessive permissions that contain quantities of sensitive data.

"Using the same security principles applied to Windows and UNIX environments, it is fundamental for organizations with a Linux environment to safeguard, monitor and manage its mission-critical, proprietary data." – Sally Hudson
IDC

Features and Benefits

Features

  • Complete, bi-directional view into the permissions structure of unstructured and semi-structured file systems
  • Complete Audit Trail
  • Recommendations and Modeling
  • Data Ownership Identification
  • Extensible Framework

Benefits

  • See who has permissions to shared folders
  • See which data a user or group can access
  • Audit and report on every file touch
  • See who should and should not have access, and simulate changes without affecting production environments
  • Identify data owners and involve them in management and protection through automation
  • Quickly and accurately identify files that contain sensitive information with the Varonis IDU Classification Framework
  • Accommodate new platforms and metadata streams

Why Varonis

Data protection is necessary to safeguard an organization's customers, employees, business partners, and investors. It is fundamental in securing an organization's intellectual property and competitive edge, and for maintaining the organizational trust required for it to properly function. Ongoing, scalable data protection and management require technology designed to handle an ever-increasing volume and complexity—a metadata framework.

The Varonis Metadata Framework non-intrusively collects this critical metadata, generates metadata where existing metadata is lacking (e.g. its file system filters and content inspection technologies), pre-processes it, normalizes it, analyzes it, stores it, and presents it to IT administrators in an interactive, dynamic interface. Once data owners are identified, they are empowered to make informed authorization and permissions maintenance decisions through a configurable web-based interface—that are then executed—with no IT overhead or manual backend processes.

Technical FAQ

Does DatAdvantage® for UNIX/Linux support NAS & Native platforms?
Yes – DatAdvantage® for UNIX/Linux can monitor NFS exports on EMC Celerra and Network Appliance NAS devices and native platforms as well (Solaris, Red Hat Linux, SUSE, AIX, etc).
What permissions does DatAdvantage® for UNIX/Linux require to the monitored file system?
DatAdvantage requires SSH or NFS access to the monitored file system, and a suitable UID that has at least "Read" and "eXecute" permissions to the relevant volumes.
What authentication mechanisms are supported?
Varonis® DatAdvantage® for UNIX/Linux supports NIS, local UNIX/Linux accounts and AD for UNIX applications (such as Centrify).
Do you support mixed-mode / multi-protocol mode access to volumes on NAS devices?
Yes – however, in some cases (mixed mode), we may require an explicit definition of the primary security model in use.
I have a secured UNIX platform that hosts a dedicated application – can I monitor it with DatAdvantage?
Possibly – as long as we have the appropriate SSH / NFS and UID access to the file systems, we should be able to gather all the appropriate information.

30-Day Trial

Our 30-Day Free Trial provides a full audit of your file system or your SharePoint environment. Audit permissions, auditing access, usage statistics, recommendations, impact analysis, and identification of business owners.

Within hours of installation

You can instantly conduct a permissions audit: File and folder access permissions and how those map to specific users and groups. You can even generate reports.

Within a day of installation

Varonis® DatAdvantage® will begin to show you which users are accessing the data, and how.

Within 3 weeks of installation

Varonis® DatAdvantage® will actually make highly reliable recommendations about how to limit access to files and folders to just those users who need it for their jobs.

Get the Varonis View. Sign up for the 30-Day Free Trial.

[VIDEO] Eye-opening conclusions about the state of organizational data protection. http://t.co/u4UKxg7lJK #dataprotection #datagovernance