|
Configuration Intelligence®
The Need for Configuration Intelligence™
Optimizing process and managing change in today's complex environments is paramount to avoiding service issues, reducing configuration-related downtime, improving compliance with organizational policies, regulations and standards, and lowering ongoing costs. With IT budgets on the rise, organizations are rapidly adopting new technologies like Virtualization and SOA that offer the promise of improved service levels at lower costs. But with each technology comes an exponential increase in complexity and new security, compliance and management challenges, many of which are beyond the limits of today’s systems management tools. Through powerful correlation and optimization techniques, Configuration Intelligence™ transforms operational data and organizational behavior into the actionable business insight necessary for making better, faster, more effective decisions.
Configuration Intelligence™ Benefits
- Highlight the overall general trends of changes and change alerts taking place across sites, business units, operating systems, hardware vendors, logical and virtual machine groups.
- Correlate inband and out-of-band changes and their relationships to critical systems and security events occurring organization-wide, especially the number and type of service desk incident and trouble tickets.
- Signal (with user defined Key Performance Indicators (KPIs)), significant or alarming changes in the percentage of systems successfully patched or compliant.
- Evaluate the impact IT processes such as change, security, and remediation have on the quality of service delivered to the business.
- Prepare organizations with accurate, normalized facts and insight needed for major strategic computing initiatives, including moves to server virtualization and major OS upgrades and migrations.
Next Generation Systems Management
Through powerful correlation and optimization techniques, Configuration Intelligence™ transforms operational data and organizational behavior into the actionable business insights necessary for making better, faster, more effective decisions.
Beyond Automation: Continuous Compliance
|
|
ECM delivers powerful, enterprise information through action-based dashboards, reports, tables and alerts, all within a single web-based console. With ECM, your organization will no longer need separate systems management and security compliance tools for Windows, UNIX and Linux platforms. ECM's enterprise dashboards enable organizations to understand the "big picture" and then drill down for supporting details and ultimately take action.
|
Compliance Trends Dashboard |
Beyond the Physical: Virtualization
|
|
Virtualization promises to lower operating costs through server consolidation and improved IT agility. With over 70% of the Fortune 1000 currently implementing virtualization, many have not realized how the exponential increase in complexity and systems will complicate ongoing management, security, and compliance efforts.
Configuration Intelligence™ increases visibility and security to virtualized environments. It simplifies the complex by discovering and tracking host/guest relationships, automating administration tasks and extending security, regulatory, and organizational policy compliance across virtual systems.
|
Virtualization Visibility |
Beyond the Service Desk & ITIL
|
|
The traditional Help Desk has now evolved into a full featured Service Desk, becoming the centralized repository (CMDB) for IT incident, problem, release and change management. But without detailed configuration and change information derived from enterprise behavior, Service Desks lack the ability to holistically assess if the overall state of the enterprise improved as a result of ongoing planned changes.
Configuration Intelligence™, through its visibility into all planned and unplanned change, can correlate if actions are having a desired outcome, continuously improving the enterprise stability, security and cost, while obtaining service level goals. Optimization of the Service Desk itself is also achieved through Configuration Intelligence™ Analytics.
|
Closing the Loop on Change |
Beyond Reporting: Analytics
|
|
The challenge of integration across system management tools makes correlation of change in one area of the organization with another difficult, if not impossible. Actions are taken without visibility into understanding if the desired changes are appropriate and correct for the actual state of the enterprise.
Configuration Intelligence™ provides powerful analytics, which correlate change and resulting system behavior, allowing organizations to assure that resources are aligned with results. This alignment lowers IT cost and improves service level by replicating the “right” behaviors across the enterprise. Visibility delivered in "Intelligence Briefs" helps organizations to continuously optimize IT processes.
|
Analytics Intelligence Brief |
Beyond Provisioning
|
|
Today's provisioning systems are designed for lowering IT resource costs through quick, automated deployment of operating systems and applications. Images are built on a scheduled basis, and system troubleshooting is replaced by re-provisioning systems to meet SLAs. While provisioning is ideal for delivering a desired image/state, it is not as suited to agile reaction to security exploit attacks and vulnerabilities. Re-provisioning merely returns the system back to the pre-compromised state, leaving the system and overall infrastructure exposed to further and repeated exploitation.
Configuration Intelligence™ brings to bear relevant data and powerful analytics to identify the appropriate remediation path based on actual configuration state, change information, system dependencies and behavior. This approach ensures the required action is appropriate for the system and the overall infrastructure.
|
SMS Provisioning Alignment |
Measuring the Organizational Impact of Change
Today's leading organizations use proven business intelligence (BI) techniques to meticulously monitor and analyze end user behaviors and continuously improve service quality, reduce resource levels and lower operational costs. However, the largest data creator, IT, has not actively employed the same techniques to continuously improve service quality levels.
To transform IT into a strategic asset, a fresh management approach that mines, analyzes and correlates this rich data must be introduced. Configuration Intelligence™ Analytics represents that approach and the next generation in Systems Management.
IT change can be a good or a bad thing. Given the need to continuously lower operating costs, improve service levels and defeat emerging security threats, having an incomplete understanding of the impact that change has across your organization is not an option.
Configuration Intelligence™ Analytics empowers senior executives and front line managers with the critical insight necessary to manage and transform IT. Across people, processes, and technology, it identifies what's working and what's not – driving out the bad configurations, improving service quality and accelerating process efficiencies.
With Configuration Intelligence™ Analytics, organizations can:
- Improve Decision Support - Correlate configuration and behavioral data into actionable intelligence to make better, faster, and more informed decisions
- Measure Return on Investment - Measure overall effectiveness of best practices, process improvement initiatives (e.g. ITIL), and technology adoption
- Accelerate Continuous Improvement – Proactively optimize service quality and resource efficiency
Configuration Intelligence™ Analytics allows organizations to break out of today's noise and replicate the best practices that result in sustained, continuous improvement.
Learn more »
The Challenge
Virtualization platforms such as VMware ESX server delivers compelling benefits to organizations by enabling server consolidation, power/space savings in datacenter. To effectively manage and secure virtual environments, IT operations need enterprise level visibility into the entire environment. Organizations need to ensure that the rapid deployment does not turn into uncontrolled creation of new virtual servers resulting in a virtual server sprawl. Virtualized environments need to demonstrate compliance with government, industry and vendor standards. Gartner estimates that by 2009, 60% of production VMs will be less secure than their physical counterparts. Thus, hardening of virtual platforms against emerging threats becomes an important requirement for IT operations. To take full advantage of virtualization, IT operations need to revisit and refine their existing IT processes. Configuration, change and compliance management processes need to take into account the dependencies between host and guests in a virtual environment.
The Solution
ECM for Virtualization helps organizations address the complexities associated with security and compliance in virtualized environments. ECM for Virtualization provides
visibility, control and management across the VMware infrastructure from a central console by extending VMware VirtualCenter with compliance capabilities. Using ECM for Virtualization, customers can understand the security posture to comply with VMware™ hardening guidelines and other applicable regulations such as PCI-DSS, Sarbanes-Oxley, GLBA, HIPAA and ISO. ECM for Virtualization enables organizations to enforce VM build policy and gain control over virtual server sprawl.
Virtual Security Posture Dashboard |
Top 10 Non-Compliant Virtual Environments |
Change Management Dashboard |
Key Features
- Virtualization Visibility
- Includes graphical indicators of non-compliance issues across entire virtual
environment. Dashboards provide a view of top 10 non compliant virtual environments, Host and Guest summaries, Virtual environment security
posture.
- Extend VMware VirtualCenter for Compliance
- By using the VirtualCenter Compliance plug-in, you can view compliance of your VMware environment from within VMware VirtualCenter and launch ECM in context.
- Security Hardening and Compliance Toolkits
- Provides out-of-the-box templates that address vendor and
virtualization best practices, regulatory mandates and security hardening guidelines such as:
- CIS benchmarks for VMware ESX server
- VMware hardening guidelines for VMware ESX server and Virtual Center.
- HIPAA
- FISMA
- GLBA
- Sarbanes-Oxley(404)
- DISA STIG
- NERC/FERC
- Reporting
- Out-of-the-box reporting on virtual environment change log, virtual Host and Guest summary, storage
allocation, network configuration and more.
- Guest/Host Relationship Correlation
- Supports management and
security compliance of each Guest, Host and the associated relationships across the entire virtualized landscape.
- Visibility
Into Dormant VMs
- Assesses the security posture of dormant VMs before they can compromise the integrity of the overall
infrastructure. By knowing the security posture of VMs before they went dormant will help you determine if they are vulnerable.
- License Management
- Provides a summary of license usage in virtual environments to aid with license management.
Key Benefits
- Secure Enterprise Visibility
- A single pane of glass to view entire ESX server deployments, enabling you to control your entire ESX infrastructure.
- Ensure Continuous Compliance
- Proven approach ensures that hosts and guests remain in a continuous state of compliance. Make compliance
part of daily operational processes.
- Understand Security Posture
- Authoritative guidance that
your security posture not only complies with vendor-specific hardening guidelines, but also with relevant regulatory mandates affecting your
organization.
- Enforce VM Build Policy
- Detect and remedy guests that violate build policy such as minimum OS
version.
- Control Virtual Sprawl
- Visually map the virtual infrastructure
and track the life cycle of virtual hosts and guests.
The Change Management Process Gap
Today's IT change management tools and processes focus primarily on the change approval (PLAN) and implementation (DO) processes. However, these solutions fail to close the loop and validate (CHECK) the physical changes with the change management process and evaluate the effects of the implemented change (ACT). Too often, even when all four phases are present, the necessary interactions that should flow between them typically are not automated, and in many cases, are non-existent.
Further compounding this change management problem, IT administrators often make unapproved, ad hoc operational changes outside of the approved change process. Because change logs are not reconciled, these out-of-band changes often go unidentified and unmonitored.
Visibility and Process Automation – The Key to Proper Change Control
 The challenge for IT is visibility into and controlling these "invisible," ad-hoc or unplanned changes that bypass the approval process. Over 80% of operational failures are due to unplanned change which represents an enormous risk for IT organizations. Only by closing the change loop can you get visibility into unapproved change and reconcile actual system changes to a change request. Introducing automation reduces workloads and assures consistency of the change management process.
ECM Service Desk Integration Solutions
 ECM Service Desk Integration Solutions links ECM and your Service Desk to deliver an automated, closed loop process for planning, implementing and verifying enterprise change. It provides visibility and control of unauthorized changes and improves overall enterprise and component systems availability, security, and policy compliance. ECM Service Desk Integration Solutions also provides reconciliation and audit verification of the changes made and most importantly, measures how well your internal change management process is working.
|
- Andi Mann
