Is Top Secret Replay-Resistant?

book

Article ID: 50222

calendar_today

Updated On:

Products

CA Cleanup CA Datacom - DB CA Datacom CA Datacom - AD CA Datacom - Server CA CIS CA Common Services for z/OS CA 90s Services CA Database Management Solutions for DB2 for z/OS CA Common Product Services Component CA Common Services CA Datacom/AD CA ecoMeter Server Component FOC CA Easytrieve Report Generator for Common Services CA Infocai Maintenance CA IPC Unicenter CA-JCLCheck Common Component CA Mainframe VM Product Manager CA Chorus Software Manager CA On Demand Portal CA Service Desk Manager - Unified Self Service CA PAM Client for Linux for zSeries CA Mainframe Connector for Linux on System z CA Graphical Management Interface CA Web Administrator for Top Secret CA CA- Xpertware CA Top Secret CA Top Secret - LDAP CA Top Secret - VSE

Issue/Introduction

Description:

Can you find out if CA Top Secret is replay-resistant?

The information system uses [Assignment: organization-defined replay-resistant authentication mechanisms] for network access to privileged accounts.

Solution:

CA Top Secret provides support for passtickets which are used for one time use.

In addition, Top Secret also provides complete audit capability for both privileged and non-privileged accounts.

These audit trails, in unison with the front end access point applications, provide the basis for replay-resistant support.

In addition to CA Top Secret CA also offers the CA Compliance Manager for z/OS product. This product further expands monitoring of privileged account usage. This includes automated notifications whenever an access policy has been tripped.

Environment

Release:
Component: AWAGNT