rouletteber.blogg.se - Configuration management software dod

View and report on hardware and software inventoriesįederal IT pros can get more information on SCM here.

Automatically detect infrastructure eligible for monitoring.

Correlate configuration changes with network and application performance.

Compare current configurations against a baseline or between any two points in time.

Capture and track who made configuration changes.

Detect, alert, and report on changes with hardware inventory, registry entries, binary and text files, software inventory, IIS configuration files, and script outputs.

With adding a policy engine, out-of-the box policies for DISA STIG, new alerts, and reports for compliance policies, SCM is helping operationalize compliance monitoring. Monitoring your server configurations against compliance policies can be cumbersome. SolarWinds Server Configuration Monitor is designed to quickly reveal when server, application, or database configurations change, who’s changing them, what changed, and show performance impact-helping you have the necessary visibility to troubleshoot faster, improve security, and demonstrate compliance. And when configurations start to drift, the problems start-outages, slowdowns, security breaches, and compliance violations. Even with the best change control processes, it’s often impossible to control all the configuration changes happening to your infrastructure.

In modern IT environments, making configuration changes is easy, but tracking them and their impact is hard. SolarWinds Server Configuration Manager (SCM) Produce audit documentation and reportsįederal IT pros can get more information on NCM here.Produce FISMA and DISA STIGs reports from configuration templates.Implement configuration of security controls and help assure effectiveness.Inventory network device configurations, assess configurations for compliance, and automate change and configuration management.NCM can integrate with the National Vulnerability Database to help more easily identify and eliminate known vulnerabilities.

NCM can help federal IT pros deploy standardized configurations, detect out-of-process changes, audit configurations, and correct compliance violations. SolarWinds ® Network Configuration Manager (NCM) is designed specifically to automate the task of managing network configuration and compliance. That said, the additional effort is highly manageable, especially with automation. While the DoD has made managing risk easier by providing hardened baselines for operating systems, system components, and network devices through STIGs, additional compliance requirements will require further effort. Some tools have even been developed to encompass a particular category of system components, such as network components, or a particular functional process, such as log aggregation and analysis. Others, like the Security Content Automation Protocol (SCAP) Compliance Checker (SCC) were developed by the U.S. Some, like Assured Compliance Assessment Solution (ACAS), were developed by industry specifically for DISA.

There are several common testing tools that implement STIGs. While meeting so many requirements may seem daunting, DISA provides both requirements and tools for validating and implementing the security requirements. To date, DoD has released 461 STIGs, and continues to release more on a semi-regular basis. According to DISA, STIGs “are the configuration standards for DOD and IA-enabled devices/systems…The STIGs contain technical guidance to ‘lock down’ information systems/software that might otherwise be vulnerable to a malicious computer attack.” While the National Institute for Standards and Technology (NIST) provides reference guidance across the federal government, and the Federal Information Security Management Act (FISMA) provides guidance for civilian agencies, Department of Defense (DoD) systems have yet another layer of requirements promulgated by the Defense Information Systems Agency (DISA).įederal IT security pros within the DoD must comply with the technical testing and hardening frameworks known by the acronym STIG, or Security Technical Implementation Guide.