This article can also be found in the Premium Editorial Download "Information Security magazine: Top forensics tools for tracking down cybercriminals."
Download it now to read this article plus other related content.
Enterprise Configuration Manager v4.7
Price: Starts at $995 per managed server and $30 per managed workstation
|Enterprise Configuration Manager v4.7|
This very good product has gotten better. In v4.7, Configuresoft has added the ability to scan and report on *nix systems, building on its excellent support for Windows hosts. Our tests showed that the new agents functioned properly and provided valuable reporting. However, the Unix/Linux and Windows management systems are in separate menu trees, giving them the feel of two separate systems. We'd like to see an integrated configuration management solution.
Our sole complaint last year was v4.5's lack of high-level configuration reports. Configuresoft listened to this criticism and revamped its reporting capabilities. Security managers can now start at the highest levels of configuration and narrow searches to minute detail. For example, we were able to create a high-level report that listed all of the changes made on our systems over an extended period of time. We then drilled down through a series of reports to a level that provided us with the specific changes made to our systems, identified by the administrator who performed the change.
ECM v4.7 uses a two-tiered architecture of agents running on monitored systems that report configuration data back to centralized configuration management servers. (This is the configuration used in our test. For larger enterprises, it's possible to use an external database server to build a three-tiered architecture.)
Configuresoft has kept up with the complex configuration and reporting requirements imposed by regulatory requirements, extending its base library of compliance templates to include GLBA, FISMA, SOX and HIPAA. It's significant to note that compliance reports may be generated from cross-platform data by specifying different compliance templates for each software platform in the enterprise. For example, if you wanted a GLBA report, you'd specify which configuration templates to use for Windows, Unix and Linux, and the report would amalgamate the result.
While these are valuable tools for compliance reporting, a word of caution: Regulations are subject to interpretation, and it would be a mistake to rely upon these (or any other) templates without the advice of legal counsel and qualified technical judgment.
In addition to its powerful ability to report on configuration and changes within the enterprise, ECM 4.7 also offers strong capabilities for modifying the monitored environment. In addition to highly granular options for configuration changes, ECM can manage software packages deployed in the enterprise and execute custom configuration scripts. For example, you may wish to execute a custom script on all Unix systems in your enterprise to alter their NTP settings.
Configuresoft continues to improve ECM in response to changing environments and user feedback. And, we continue to recommend this product as a great time-saver for administrators in medium to large enterprises.
This was first published in December 2005