search cancel

What Anti-malware packages are installed on PAM Appliances

book

Article ID: 254500

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Although CAPAM is a blackbox( closed system) is there any anti-malware that would be running in the background?

Environment

Release : 4.1

Resolution

As noted, PAM is a closed appliance running Linux Debian 9 where there is no general open-port to the customers to access its underlying OS and all firewall rules are controlled by PAM. All access to the underlying OS can only be performed by Broadcom Support Engineers. The data disk is encrypted, and no USB device support is enabled. We do not use SE linux nor the Automatic Hardening. Data encryption modules (FIPS 140-2 validated) and in-memory white-box protection (key obfuscation) used in PAM are not OS based. Cryptographically secure entropy for key gen is intel CPU based and validated in our Common Criteria certification (NIST SP800.90).

PAM does install the package AIDE which is an integrity check tool for ensure files are not maliciously updated. No additional anti-malware software is installed.