Implementation Guide › Planning Your Enterprise Implementation › Deciding How to Protect

Deciding How to Protect

Before you install CA ControlMinder, decide what features of the software you want to use.

CA ControlMinder provides the following protection methods:

• Native security using CA ControlMinder Endpoint Management lets you implement the security features that are already familiar to you.
• Advanced native security lets you guard against more sophisticated attacks. CA ControlMinder lets you:
  • Limit the rights of privileged accounts
  • Assign special privileges to ordinary users, such as the ability to change user passwords for special users
  • Support multiple file systems including NTFS, FAT, and CDFS
  • Centralize security policies and auditing across heterogeneous environment containing Windows and UNIX systems
• Advanced policy management lets you deploy multiple-rule policies (script files) you create for your enterprise. This policy-based method lets you create version-controlled policies and assign and unassign policies to host groups in your enterprise. You can also directly deploy and remove deployed policies (undeploy) and view deployment status and deployment deviation.
• A Policy Model database (PMDB) lets you propagate a security database with users, groups, and access rules to a set of subscribers. The PMDB regularly propagates all the updates that it receives to subscribers. This mechanism eases the administrative burden on system administrators.
• Privileged User Password Management (PUPM) provides role-based access management for privileged accounts on target endpoints from a central location. PUPM also provides secure storage of privileged accounts and application ID passwords, and controls access to privileged accounts and passwords based on policies.
• UNIX Authentication Broker (UNAB) lets you validate local UNIX user and group credentials against Active Directory. Users use a single repository to log in to all platforms with the same user name and password.