I have read the AD implementation guide, but one of my clients' security folk are nervous about sharing our AD information with what is (to them) effectively an untrusted web based service. Umbrella fits the bill perfectly, but I need to understand more about the connections made between the AD Agent on the Virtual Appliances and the cloud services.
- Are all connectors wrapped in SSL (if so, what level of encryption is applied - is it FIPS140-2 compliant).
- What information is extracted from AD (user name, group membership etc). Need to understand the scale of any residual risks.
- Their concern is a culmination of information - if leaked / hacked - could identify a specific individual to a specific role, which may pose a security risk. What information can I provide my customer to reassure them more?
Perhaps it will help if I define my requirements better:
1) I need to be able to report against white / black listed activity by user (not device, as devices are shared) from the internal domain. Therefore, the AD connector is required.
2) I need to understand whether the certificate or token of an authenticated user which is passed to OpenDNS contains anything which would cause security folk concerns, such as cached / hashed credentials, which if obtained during a breach, would put the internal network at risk.
Please sign in to leave a comment.