Oveliane

OSE: the ultimate weapon

Presentation

OSE (Operating System Security Enforcer) implements standard or personalised controls, based on the Security Policy.

OSE aims at:

  • Maintaining the security policy: authorized ports/services, password policy, sensitive files, restrictions on shared files, system and application access rules...
  • Rolling out the security policy on all Unix, Linux & Windows corporate servers
  • Detecting dangerous or forbidden services, misconfigurations, inconsistencies, abnormal access rights, weak passwords, suspect directories or files, file modification, illegal or suspect network access for servers, new or missing resources...
  • Collecting and controlling logs and alarms generated by OSE checkpoints.
  • Protecting through integrity controls: sealing and monitoring of sensitive files, new and missing resources, control and surveillance (logs, alarms), access limitation to network protocols...
  • Monitoring system security: dashboards and reports.


 

Architecture

The OSE architecture comprises three technical layers:

  • OSE Supervision Console: administrator workstation (with a web browser) and optional SOC interface.
  • OSE Supervision Server: a highly secured UNIX/Linux server with a web server dedicated to OSE, and restricted access to network services to ensure intrusion protection.
  • OSE Agent monitors the security of the server. It can be autonomous
    • The Autonomous OSE Agent is permanently located on a Unix/Linux server. It is persistent, even in case of network failure. It can also group a set of servers monitored by OSE Agents (see hereafter).
    • The OSE Agent is pushed and managed on Unix/Linux and Windows servers via an SSH connection.

OSE provides three levels of processing for identified events:

  • Internal Console: with detailed characteristics of each and every event (nature, origin, signature, time stamp…)
  • Reports and Dashboards synthesizing and grouping information
  • Interface with external SOC tools.