This article can also be found in the Premium Editorial Download "Information Security magazine: How to tell if you need the help of security integrators and consultants."
Download it now to read this article plus other related content.
nCircle Configuration Compliance Manager
REVIEWED BY BRENT HUSTON
Price: Management server, $20,000, plus $199 per monitored server,
Riding herd on the integrity of your security infrastructure is not an option--it's a necessity. But keeping your IT assets in compliance in a large, complex environment is daunting without automated tools. nCircle Configuration Compliance Manager (formerly Cambia CM prior to nCircle's acquisition of Cambia Security in May) brings policy policy compliance and security management together into one centralized suite, helping cut the job down to size.
Configuration Compliance Manager accepts data from nCircle's IP360 solution, as well as third-party vulnerability assessment scanners, such as Nessus, IBM ISS Internet Scanner and QualysGuard, allowing you to integrate existing tools.
|Features and Interface||A|
The efficient management console presents three primary tabs to a paned interface. The changes pane contains the aggregate of the latest alerts. The inventory section lists all network assets, broken down by subnet range. The compliance view is similar to inventory, but adds columns for compliance with applicable policies, both pass/fail and by percentage.
We were impressed with the product's asset inventory capability, identifying and collecting detailed information on each system. For example, on Windows machines, nCircle reported every piece of installed software, users, groups, services running, shares available and updates installed. For instance, it can check for the latest AV version or unauthorized apps.
We configured Configuration Compliance Manager to reactively scan a host with Nessus, and issue a policy compliance check whenever target files were modified. Many other events can trigger tasks, such as finding new assets, or starting a task when a previous one has finished. You can also schedule scans and set tasks by single host or by group.
Compliance starts with predefined policies for various OSes. Creating policies from scratch can be daunting, but nCircle can automatically create policies from "gold standard" machine configurations.
nCircle has included a PCI compliance policy, and said it was planning to include HIPAA and SOX policies in upcoming versions.
Testing methodology: We tested nCircle Configuration Compliance Manager in our lab, including Windows (XP, Server 2003), Linux and Solaris systems, and Cisco networking devices.
This was first published in June 2007