How do you monitor your 3rd party providers?

As the title says really, I'm looking at a solution to monitor my 3rd party contractors that log onto my network via RDP and VPN etc.

I've seen "ObserveIT", however it doesn't seem to fill me with a great amount of confidence. I was wondering if anyone else has any other ideas?
 
We use 1 use tokens on our VPN, so each contractor has a username and they contact us for a 1 use password. So they can only get in when we know about it and approve it. We also have software that monitors what's done on servers... the name of which escapes me. That and SolarWinds NCM keeps tabs on any changes to network device configs.
 
We're using LogMeIn Central.

You can run reports to see when contractors have logged in, how long they were connected for, etc. We also control which PC or Server they can access.

We've also enabled the LogMeIn client on PC/Server to record remote control sessions in case we ever have to check what a contractor has done.

LogMeIn Central is also cheap, as there are 50% discount codes available on the net for a 1 year subscription.
 
We use an access control appliance from Xceedium for this.

http://www.xceedium.com/en/solutions/vendor_access_control.php

It's superb, but not cheap. Depends how serious you want to get really.

I've tried contacting them via the "contact us" on their site, however it just flashes the screen and doesn't give you any message if it's sent or not :S I'll try and give them a call later today.

> We use 1 use tokens on our VPN, so each contractor has a username and they contact us for a 1 use password. So they can only get in when we know about it and approve it. We also have software that monitors what's done on servers... the name of which escapes me. That and SolarWinds NCM keeps tabs on any changes to network device configs.

Can you remember what software it was? And how do you use tokens, is it a case of enable / disable logins and set a new password?

> We're using LogMeIn Central.
>
> You can run reports to see when contractors have logged in, how long they were connected for, etc. We also control which PC or Server they can access.
>
> We've also enabled the LogMeIn client on PC/Server to record remote control sessions in case we ever have to check what a contractor has done.
>
> LogMeIn Central is also cheap, as there are 50% discount codes available on the net for a 1 year subscription.

Does this have the ability to set an allotted time? For instance:

Contractor A: you're cool, I like your stuff, you can access any time.

Contractor B: you're OK I guess, here's just 30 minutes of play time?

Thanks again
 
I think it's called Tripwire, but I'd have to check. It's not something I use day to day in my role.
The token system (called SafeWord) uses key fobs to generate passwords by pressing a button on it. Which is fine for staff but not everyone. The software runs on the RADIUS server used by the VPN box and adds a tab to the AD account properties in which you assign a key fob serial to the account and can generate the codes from there manually (while the actual fob stays locked away in a safe). Which is what we do for 3rd parties who we don't want to have a key fob.
The downside is you need fobs, which are ~£50 each. But you can assign one fob serial to more than one AD account provided the accounts don't access the VPN at the same time.
 
Keyfobs: small bits of tech that will easily get lost .....

Methinks auditors will like this :D
 
That's exactly why we only dish them out to key people. All 3rd parties have to email a request to us and we generate their token in the software. (Said request is linked to a helpdesk ticket for auditing.)

It's not perfected, but it keeps SOX happy :)
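
The controls described in this thread (token requests tied to a helpdesk ticket, and one fob serial shared by accounts that must not be connected at the same time) can be checked after the fact against VPN session records. The following is an added example, not code from any poster or product named here; the record layout, account names, ticket ids and the 30-minute validity window are all constructed assumptions.

```python
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M"

# Constructed sample data: approved token requests, each linked to a ticket.
APPROVALS = [
    {"ticket": "HD-1001", "account": "ctr-alpha", "fob": "FOB-01",
     "issued": "2024-03-04 09:00", "valid_minutes": 30},
    {"ticket": "HD-1002", "account": "ctr-bravo", "fob": "FOB-01",
     "issued": "2024-03-04 09:10", "valid_minutes": 30},
]
# Constructed VPN sessions: (account, connect time, disconnect time).
SESSIONS = [
    ("ctr-alpha", "2024-03-04 09:05", "2024-03-04 09:40"),
    ("ctr-bravo", "2024-03-04 09:20", "2024-03-04 09:50"),
    ("ctr-charlie", "2024-03-04 22:15", "2024-03-04 22:30"),
]

def ts(text):
    return datetime.strptime(text, FMT)

def match_ticket(account, connect, approvals):
    """Return the ticket whose validity window covers this login, else None."""
    for a in approvals:
        start = ts(a["issued"])
        end = start + timedelta(minutes=a["valid_minutes"])
        if a["account"] == account and start <= connect <= end:
            return a["ticket"]
    return None

def audit(sessions, approvals):
    """Flag logins with no approved ticket and overlapping shared-fob sessions."""
    findings = []
    fob_of = {a["account"]: a["fob"] for a in approvals}
    parsed = [(acct, ts(c), ts(d)) for acct, c, d in sessions]
    for acct, connect, _ in parsed:
        if match_ticket(acct, connect, approvals) is None:
            findings.append(("unapproved-login", acct))
    for i, (a1, c1, d1) in enumerate(parsed):
        for a2, c2, d2 in parsed[i + 1:]:
            shared = a1 != a2 and fob_of.get(a1) and fob_of.get(a1) == fob_of.get(a2)
            # Two intervals overlap when each starts before the other ends.
            if shared and c1 < d2 and c2 < d1:
                findings.append(("shared-fob-overlap", f"{a1}+{a2}"))
    return findings

if __name__ == "__main__":
    for kind, subject in audit(SESSIONS, APPROVALS):
        print(kind, subject)
```
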
 