| CONFIGURATION MANAGEMENT
Since we last looked at Enterprise Configuration Manager (ECM) about three years ago, Configuresoft has improved its value to enterprises seeking to survive in a complex regulatory compliance environment. ECM provides a centralized view into the configuration of managed servers and workstations, and the ability to initiate changes.
ECM ships with a variety of compliance templates that you can modify to suit enterprise-specific requirements. You can also create exceptions.
You can monitor and manage a variety of system configuration elements, including disk usage, file system attributes, registry entries, installed software, local and domain accounts, service accounts and logging policies. It can also monitor application settings for SQL Server and Internet Information Services (IIS). New in this release, ECM includes help desk integration for Remedy.
ECM automatically tracks changes in the environment and can distinguish between changes made through the ECM interface and otherwise (for example, by a locally logged-in administrator). The change management workflow allows administrators to reconcile changes as authorized, out-of-band or noise.
The two-tiered architecture comprises a centralized collector with an integrated SQL Server database and agents to gather information and report to the collector.
ECM can discover Windows hosts by accessing an Active Directory domain controller and automatically license the systems and push out the client software.
Unix/Linux servers require entering host information manually or file import. Agents are installed manually.
The Web-based portal has four tabbed sections available to users based on role: Console, Compliance, Reports and Administration. The interface is smooth and responsive, but there's a steep learning curve.
ECM's user account management integrates seamlessly with Active Directory, allowing you to leverage existing authentication and authorization infrastructure.
ECM continues to deliver on its core promise: the ability to monitor and modify the configuration of managed systems in an extremely granular fashion. Our tests verified that the agents gather and report configuration information effectively. Additionally, we were able to issue configuration commands to managed systems through the ECM Portal. For example, we used ECM to kill processes and modify registry entries.
The Windows Remote Command interface allows you to execute arbitrary VBscript commands on managed systems and includes predefined scripts that accomplish common tasks.
The new version also provides support for monitoring VMware ESX virtualization servers.
ECM ships with a number of built-in, management-friendly dashboards complete with graphics for operational status reports. These dashboards track security log events, change management, antivirus status, installed software package and compliance with standards.
You can also create custom reports using a wizard.
One of the most important new features is the ability to enforce continuous compliance requirements through the use of alerts to notify you if a system's configuration varies from compliance requirements.
ECM is one of the best configuration management products we've seen. If you're able to accommodate the product's steep price tag in your budget, it's a fantastic solution for monitoring and maintaining compliant system configurations in the enterprise.
Testing methodology: We tested ECM in a Windows Server 2003 environment running under VMware Workstation.