Information Security

Defending the digital infrastructure


Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Configuration Management: Configuresoft's Enterprise Configuration Manager v4.7

Configuresoft's ECM v4.7

Enterprise Configuration Manager v4.7
Price: Starts at $995 per managed server and $30 per managed workstation


Enterprise Configuration Manager v4.7
@exe In October 2004, we reviewed Configuresoft's Enter-prise Configuration Manager (ECM) v4.5 and were impressed with the system's ability to aggregate Windows system configuration information, remediate deficiencies and provide detailed reports across the enterprise.

This very good product has gotten better. In v4.7, Configuresoft has added the ability to scan and report on *nix systems, building on its excellent support for Windows hosts. Our tests showed that the new agents functioned properly and provided valuable reporting. However, the Unix/Linux and Windows management systems are in separate menu trees, giving them the feel of two separate systems. We'd like to see an integrated configuration management solution.

Our sole complaint last year was v4.5's lack of high-level configuration reports. Configuresoft listened to this criticism and revamped its reporting capabilities. Security managers can now start at the highest levels of configuration and narrow searches to minute detail. For example, we were able to create a high-level report that listed all of the changes made on our systems over an extended period of time. We then drilled down through a series of reports to a level that provided us with the specific changes made to our systems, identified by the administrator who performed the change.

ECM v4.7 uses a two-tiered architecture of agents running on monitored systems that report configuration data back to centralized configuration management servers. (This is the configuration used in our test. For larger enterprises, it's possible to use an external database server to build a three-tiered architecture.)

Configuresoft has kept up with the complex configuration and reporting requirements imposed by regulatory requirements, extending its base library of compliance templates to include GLBA, FISMA, SOX and HIPAA. It's significant to note that compliance reports may be generated from cross-platform data by specifying different compliance templates for each software platform in the enterprise. For example, if you wanted a GLBA report, you'd specify which configuration templates to use for Windows, Unix and Linux, and the report would amalgamate the result.

Exec Summary
up Unix/Linux support
up Robust reporting
up Compliance templates
up Remediation tools
up Separate platform menus

While these are valuable tools for compliance reporting, a word of caution: Regulations are subject to interpretation, and it would be a mistake to rely upon these (or any other) templates without the advice of legal counsel and qualified technical judgment.

In addition to its powerful ability to report on configuration and changes within the enterprise, ECM 4.7 also offers strong capabilities for modifying the monitored environment. In addition to highly granular options for configuration changes, ECM can manage software packages deployed in the enterprise and execute custom configuration scripts. For example, you may wish to execute a custom script on all Unix systems in your enterprise to alter their NTP settings.

Configuresoft continues to improve ECM in response to changing environments and user feedback. And, we continue to recommend this product as a great time-saver for administrators in medium to large enterprises.


Article 6 of 15

Dig Deeper on Penetration testing, ethical hacking and vulnerability assessments

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

Get More Information Security

Access to all of our back issues View All