Products : Rohati Product Overview

Rohati’s Transaction Networking System (TNS) platform provides agent-less access management across an enterprise’s broad range of applications and resources.  It enables context-specific, attribute-based entitlement control on a per-transaction basis across an enterprise’s broad range of applications and resources.

Designed specifically for data center environments, TNS provides the resources and capabilities to keep pace with dynamic business, security and compliance requirements. TNS:

• Extends granular access controls across a broad range of users, applications and resources
• Provides operational simplicity to quickly and cost-effectively define, deploy and manage granular policy and control on a massive scale
• Requires no modifications to clients, applications or servers

The Rohati portfolio includes:

• Rohati TNS 100, a network-based, fixed configuration entitlement control platform for mid-size data centers and departmental server farms
  
• Rohati TNS 500, a configurable and scalable 5-slot chassis designed for large data centers that demand multi-10G application performance
  
• Rohati Central Management System (CMS), which enables centralized and delegated configuration, administration, and management of Rohati TNS platforms and entitlement policies through a powerful yet user-friendly graphical application.
  

The Rohati TNS platforms provide:

Breadth of coverage

TNS supports an array of applications, protocols and extensibility tools, enabling enterprises to extend entitlement controls as broadly as needed to meet security and compliance objectives.

• Web protocols such as HTTP and HTTPS
• File protocols such as Microsoft’s Common Internet File System (CIFS) and FTP
• Administration protocols such as Secure Shell (SSH)
• Multi-media communication protocols such as Session Initiation Protocol (SIP).

TNS tools accommodate custom applications and unique control requirements.

• TNS extends entitlement controls to application-specific protocols over TCP/IP that support the challenge/response mechanism.
• Supports custom rules and responses. 
• XML Access Control Markup Language (XACML) functionality lets enterprises control authorization policies without vendor lock-in.
• Enterprises can write entitlement control policies in XACML, import them into TNS and export them to an XACML policy store.

Compliance and security control

TNS supports user-to-machine and machine-to-machine transactions and applies entitlement controls to enable enterprises to define and enforce granular security- and compliance-related policies.   TNS:

• Applies Layer 7 Access Control Lists (ACLs) based on a broad range of attributes (user, machine, protocols, resource, user or machine activity, environmental attributes such as time and geographic location and network).
• Easily distinguishes and applies project-based security and compliance controls, for example, restricting a user’s access to specific objects within a SharePoint portal and specifying whether user is permitted to read, check out or copy certain files.
• Authenticates every session and authorizes every transaction initiated by a user or machine, without touching applications. 
• Measures application response time on a per-transaction basis, thus providing a centralized mechanism to monitor response time SLAs and quickly identify slow or misbehaving applications.
• Defines logging policies independent of enforcement policies and actions. Enterprises can thus track specific transactions, such as insider access to financial records during SEC mandated quiet periods or suspicious activity by a particular user or group.
• Includes a standards-based log export feature for archiving, forensic analysis, auditing and other security and compliance functions.

Comprehensive management

The Rohati Central Management System (CMS) enables configuration and management of the Rohati TNS platform and configuration and lifecycle management of policies through a powerful yet easy to use graphical application.  CMS allows enterprises to:

• Provision, de-provision and re-provision user entitlements in real time across all applications, simply by changing a user’s directory attributes.
• Delegate administration based on policy domains.
• Manage independently with separate administration, configuration and logging/reporting infrastructure.
• View transactions and policy actions and quickly identify gaps between security policy and intent.

CMS includes tools designed to automate the policy lifecycle. The GUI-based Policy Builder tool allows enterprises to:

• Rapidly create policies in plain English language based on access logs.
• Discover resources in real-time as users are accessing them.
• Perform “what if” scenario analysis and simulate the effect of a policy on production traffic.
• Implement security and compliance controls based on actual user access patterns using simple syntax, ensuring that business intent is accurately captured in policies.
• Create flexible query-driven log analytics and report generation.