FAQ

The following are some of the frequently asked questions for new and potential SecureEscorts (SE) customers:

All devices that can be accessed via telnet, ssh, or a application via a IP address can be managed by SE.

SE requires a Sun server or comparable server running Solaris 9 with Oracle 9i installed. For redundancy a minimum of two servers are recommended for customer production install.

Every device whose access is going to be managed by SE should have the following identified: Specific Type. Unique Name, IP Address, Location, Connection Service (telnet, ssh, or application), accounts on device.

Each SE user should have a Unique name and known authentication type (local password, LDAP server, Active Directory server or ACE server).

A role in SE is just a collection of users that will have access to the same groups, devices, and accounts. Each role should know the following:

Customers will setup corporate firewalls that will force users to access devices only through SE.

Any application that connects to a device using an IP address can be access managed and recorded via SE. Specifically Web based applications, Local executables type applications or X11 / X server based applications can be managed.

8. Can SE allow users to setup regional administrators to free up our central super administrators?

Yes, SE allows roles to be setup as users or administrators for specific groups or regions.

Yes, through the use of redundant servers and Oracle replication SE is fully fault tolerant. The separate servers can also be placed in different geographical locations to provide extract protection if required.

SE has an Audit tool that the users can run to access SE user activity, device connections, and keystroke capture or video playback of device connections. The Audir tool can also be used to go through historical Alarm data for the SE system.

11. Can users access SE through Procomm so they can use their existing scripts?

A Terminal based interface which allows users to connect via any terminal emulator (like Procomm, Putty, hyperterm, etc.)

No, SE is a self contain and accessed devices through already existing accounts through standard protocols.

13. The type of training capabilities available, including customized training at customer sites

Ineo’s training is provided in a custom format. We provide on site training for a predetermined number of Administrators and internal trainers as a part of the initial installation.

14. Does SE provide session capture capability for telnet and ssh?

Captures all keystroke entries for telnet and SSH connections

15. Password management capability of the solution?

Supports device Password Management (reduces administrative time by automating device password changes)

16. Dependency on device agents or software development required for new devices.?

There is no need for device agents as standard connectivity methods are used thus eliminating extra cost for connectivity to new devices

17. Session Audit capability of the solution?

Provides session, device connectivity, session capture data, and application reports that are Sarbanes-Oxley compliant. The Audit tool can also be used to search for internal alarm information within SecureEscorts

18. Does SE provide session capture for applications and web based device connectivity?

Provides video capture for applications (http, https, XTerm, and local applications)

19. Can users make database changes without the use of a GUI?

SE supports Programmatic changes through our Resource Command Interface (RCI) or from the Global change utility as part of the SecureEscorts Desktop

20. Describe any tools or procedures that you have available to facilitate this multi-vendor, multi-application environment?

SecureEscorts is deals with standard protocol level connectivity (Telnet, SSH, TCP application connectivity) not at the vender specific interface

21. Describe the capabilities of your organization to serve as the system integrator for incorporating, certifying, and supporting third-party products (utilities, applications, etc.) on SE?

There is no need to certify an application or connectivity, if the application is a TCP based connectivity or the connection is a standard Telnet or SSH we will support this.

22. Is transmitted data Encrypted?

SecureEscorts provides secured and encrypted SSH channels to pass information

23. Are any Specialized network equipmentrequired for SE?

No specialized network equipment is required

24. Does SE support network management functions, including error reporting and system configuration?

SecureEscorts has error reporting or Alarming for internal alarms. All system configurations can be performed via the Administration SecureEscorts Desktop or CLI interface

25. Does the SE interface support encryption between the user access to SecureEscorts and the Network Elements or EMS?

All activity between user and SecureEscorts is encrypted via a SSH like pipe.

26. Provide a description of SE capacity planning and modeling tools available for your proposed solution?

SecureEscorts was designed from ground up to support a large number of concurrent user sessions. It architecture removes any potential bottle necks that would restrict user based capacity. It uses asynchronous communications as well as distribution into multiple servers to accommodate user load. We have planned on provisioning three types of servers (small, medium, and large) that will be dependant on customer requirements

27. Does SE support bulk load functionality via flat csv files to support mass user creation?

Yes SE has a Resource Command Interface (RCI) that can import device and user data directly into the system.

28. How can a normal user access SecureEscorts?

A user has three options for accessing SE, the client, the Web based interface, or the terminal based interface.