Home
 

SCM centralizes and automates the monitoring, managing and auditing of hardware and software configurations across Windows, UNIX and Linux platforms, offering:

  • Vulnerabilities Assessment and Remediation
  • Regulatory & Operational Compliance
  • Configuration Management & Control
  • Change Management
  • Risk Prevention and Security Management
  • System Optimization
 
 
Share this information

Server Configuration Manager (SCM) Modules

SCM Modules extend Server Configuration Manager beyond the operating system to business-critical, back office and application areas. The product modules provide additional data collection, analysis and reports in a user-friendly dashboard format.

SCM Modules were created to not only supplement Server Configuration Manager, but to provide an unsurpassable edge over other continuous compliance solutions.

Server Advisor

 
Security Update Manager for Windows Datasheet:
Server Advisor for Windows
Security Update Manager for UNIX Datasheet:
Server Advisor for UNIX
Enterprise Configuration Manager Try our latest version of SCM
 

NOW AVAILABLE: Server Advisor for UNIX

Server Advisor, SCM's patch assessment and verification module, ensures continuous enterprise security for Windows, Linux and UNIX platforms. SUM provides intelligent security patch assessment, remediation and verification.

Using a comprehensive Configuration Management Database (CMDB), Server Advisor instantly assesses entire networks to detect vulnerabilities and deploy required patches to all the target machines. By leveraging the vast repository of configuration information stored in the SCM database, users can quickly view the current configurations and patch status of the machines on their networks. Then, using remote patch distribution points, enterprises can update their entire infrastructure using minimal bandwidth to machines - even inside a firewall-protected DMZ.

Server Advisor for Windows supports delivery of security updates for over 100 Windows applications including Microsoft BackOffice, SQL Server, Exchange, Internet Explorer, and MDAC, to name a few. Also, Server Advisor provides security remediation for Spanish, French and Danish Windows operating systems.

Security Update Manager Assessment
Server Advisor Assessment

Server Advisor for UNIX delivers a cost-effective way to quickly, accurately and securely deliver and monitor system patches across your UNIX & Linux infrastructure. Along with Server Advisor for Windows, you can protect your entire enterprise. Server Advisor for UNIX provides intelligent security patch assessment, delivery and verification. Server Advisor for UNIX supports patch assessment, deployment and compliance across Solaris, AIX, RedHat and SUSE Linux environments.

Server Advisor's automated configuration change management and maintenance ensure that each machine conforms to the rigorous security and configuration settings defined by industry best practices and guidelines.

Patch Deployment is Just a Small Part of the Overall Compliance Process

Patching alone does not secure an enterprise – proper system configuration is the most effective way to lower risk.

By leveraging the vast repository of configuration information in the Server Configuration Manager's CMDB, organizations can quickly conduct a pre-deployment assessment to ensure machines are configured correctly and minimum requirements are met prior to installing patches. This approach dramatically increases patch success rates in large enterprises and reduces the network bandwidth required to secure machines across the enterprise. Through SCM/Server Advisor detailed assessment, exposure to enterprise vulnerability such as accounts without proper passwords, security services that are disabled or at the wrong version, and improper configuration settings are quickly identified and remediated. Once configured correctly, patches can be deployed natively with SCM/Server Advisor or through third party tools like SMS or WSUS.

Assessment and Verification are Key; It's Not Just About Pushing a Patch

To ensure first time success in patching Windows-based machines in your organization, Server Advisor for Windows leverages assessment helpers developed by the Center for Policy & Compliance. The Center researches and tests all Microsoft security packages prior to delivery and documents details on the actual files deployed and any configuration changes made to the system. Server Advisor leverages the assessment helpers not only to determine which machines require patching (and avoid pitfalls that may inhibit effective patch deployment) but also to conduct a post deployment audit to ensure full compliance.

Server Advisor Security Updates for Windows are generally available within 24 hours of Microsoft release and are automatically installed from the secure customer portal. After release, the Server Advisor assessment helpers continue to provide protection by ensuring servers and workstations remain within full compliance. If a problem on the machine occurs due to the patch, SCM/Server Advisor supports full patch rollback to the previous configuration state, thereby removing the risk associated with enterprise remediation.

Unix Patch Dashboard
Unix Patch Dashboard

Server Advisor Security Updates for UNIX platforms are available based on vendor defined criticality and customers can use Server Advisor for UNIX to deploy the downloaded patches to their environment. Server Advisor for UNIX supports a proven patch assurance process that checks that the patch is not already installed since last assessment, performs custom pre-deployment steps, deploys the patch, performs custom post-deployment steps and performs verification that the patch deployment was successful.

Supercharging Your Existing Patching Solution

The keys to a good security remediation tool are coverage, speed and accuracy. Using SCM/Server Advisor, enterprises can supercharge their existing patching solutions, improving performance in all three areas.

Using SCM/Server Advisor together, organizations can quickly discover machines without patch and anti-virus clients installed. Once found, SCM/Server Advisor can automatically install the missing service or application. If the client is found, it can quickly verify the service is at the correct version, that it is running and configured correctly.

SCM/Server Advisor supports right-click remediation from within compliance dashboards and charts, greatly simplifying the process between reporting and action. Server Advisor assessment helpers provide independent auditing and verification of patch success.

The Challenge

 
Download Compliance Checker for VMware ESX Download:
Compliance Checker for VMware ESX
Datasheet Datasheet:
SCM for Virtualization
White Paper White Paper:
Virtualization Security Essentials
Webinar Webinar Archive:
Virtualization: Security and Compliance Considerations
 

Virtualization platforms such as VMware ESX server delivers compelling benefits to organizations by enabling server consolidation, power/space savings in datacenter. To effectively manage and secure virtual environments, IT operations need enterprise level visibility into the entire environment. Organizations need to ensure that the rapid deployment does not turn into uncontrolled creation of new virtual servers resulting in a virtual server sprawl. Virtualized environments need to demonstrate compliance with government, industry and vendor standards. Gartner estimates that by 2009, 60% of production VMs will be less secure than their physical counterparts. Thus, hardening of virtual platforms against emerging threats becomes an important requirement for IT operations. To take full advantage of virtualization, IT operations need to revisit and refine their existing IT processes. Configuration, change and compliance management processes need to take into account the dependencies between host and guests in a virtual environment.

The Solution

SCM for Virtualization helps organizations address the complexities associated with security and compliance in virtualized environments. SCM for Virtualization provides visibility, control and management across the VMware infrastructure from a central console by extending VMware VirtualCenter with compliance capabilities. Using SCM for Virtualization, customers can understand the security posture to comply with VMware™ hardening guidelines and other applicable regulations such as PCI-DSS, Sarbanes-Oxley, GLBA, HIPAA and ISO. SCM for Virtualization enables organizations to enforce VM build policy and gain control over virtual server sprawl.

Virtual Security Posture Dashboard
Virtual Security Posture Dashboard
Top 10 Non-Compliant Virtual 

Environments
Top 10 Non-Compliant Virtual Environments
Change Management Dashboard
Change Management Dashboard

Key Features

Virtualization Visibility
Includes graphical indicators of non-compliance issues across entire virtual environment. Dashboards provide a view of top 10 non compliant virtual environments, Host and Guest summaries, Virtual environment security posture.
Extend VMware VirtualCenter for Compliance
By using the VirtualCenter Compliance plug-in, you can view compliance of your VMware environment from within VMware VirtualCenter and launch SCM in context.
Security Hardening and Compliance Toolkits
Provides out-of-the-box templates that address vendor and virtualization best practices, regulatory mandates and security hardening guidelines such as:
  • CIS benchmarks for VMware ESX server
  • VMware hardening guidelines for VMware ESX server and Virtual Center.
  • HIPAA
  • FISMA
  • GLBA
  • Sarbanes-Oxley(404)
  • DISA STIG
  • NERC/FERC
Reporting
Out-of-the-box reporting on virtual environment change log, virtual Host and Guest summary, storage allocation, network configuration and more.
Guest/Host Relationship Correlation
Supports management and security compliance of each Guest, Host and the associated relationships across the entire virtualized landscape.
Visibility Into Dormant VMs
Assesses the security posture of dormant VMs before they can compromise the integrity of the overall infrastructure. By knowing the security posture of VMs before they went dormant will help you determine if they are vulnerable.
License Management
Provides a summary of license usage in virtual environments to aid with license management.

Key Benefits

Secure Enterprise Visibility
A single pane of glass to view entire ESX server deployments, enabling you to control your entire ESX infrastructure.
Ensure Continuous Compliance
Proven approach ensures that hosts and guests remain in a continuous state of compliance. Make compliance part of daily operational processes.
Understand Security Posture
Authoritative guidance that your security posture not only complies with vendor-specific hardening guidelines, but also with relevant regulatory mandates affecting your organization.
Enforce VM Build Policy
Detect and remedy guests that violate build policy such as minimum OS version.
Control Virtual Sprawl
Visually map the virtual infrastructure and track the life cycle of virtual hosts and guests.

SCM for Active Directory®

 
Datasheet Datasheet:
SCM for Active Directory
Datasheeet Datasheet:
Server Configuration Manager
 

SCM (Enterprise Configuration Manager) for Microsoft® Active Directory® (AD) spans multiple domains and forests to collect configuration data, objects and changes to simplify AD management and automate compliance. Administrators using the module can quickly ensure role holder redundancy prior to server maintenance deactivation, receive alerts about changes to key AD groups, objects and attributes and proactively assure compliance with Microsoft AD best practices for security and operations.

Visibility across the entire Active Directory environment, not just by server

SCM for AD addresses one of the biggest challenges facing organizations administering tens, even hundreds of AD servers – enterprise visibility. By consolidating and managing AD through SCM, this module simplifies troubleshooting by alleviating the need to traverse between multiple native tools and login to multiple domain controllers. Administrators make better decisions and save significant time because all relevant information is provided within a single report. Best of all, SCM for Active Directory's built-in tracking of directory changes assures IT managers that changes delegated to Administrators are in compliance with corporate standards, resulting in an effective, efficient and secure enterprise.

Enhanced Security Management

SCM for Active Directory improves the overall integrity of your enterprise by providing continuous security assessment and change alerting on AD. With SCM for Active Directory, Administrators can easily:

  • Track Access Control Entry (ACE) or other critical security based changes that may not have been approved or occurred outside designated change windows.
  • View changes to group membership across AD servers within a single report.

Automated Compliance Assessments

SCM for Active Directory assures the integrity of corporate information and lowers IT audit costs by providing automated compliance assessments against Microsoft Security Best Practice Guides, industry best practices and corporate policies. SCM for Active Directory leverages SCM's Compliance Toolkits, which contain rule-based templates, reports and dashboards that ensure compliance to security guidelines, regulatory mandates and corporate policies.

AD Change Management Dashboard
AD Change Management
Dashboard
AD Configuration Information Dashboard
AD Configuration Information Dashboard
AD Compliance Results
AD Compliance Results

Automated Change Reconciliation Through SCM Service Desk Integration

 
Datasheeet Datasheet:
SCM Service Desk Integration Solutions
Datasheeet Datasheet:
Server Configuration Manager
 

SCM Service Desk Integration Solutions enable the automation of operational processes, linking change and configuration management, as well as automating the intersecting transitions from the change approval processes to the implementation and verification processes, and closing the loop back to the Service Desk to complete the entire change process.

  • Automated discovery and creation of structured Requests for Change (RFCs)
  • Delivery of accurate, actionable RFC decision support information
  • Enterprise–wide, cross platform implementation of required RFC changes
  • Rapid, comprehensive change audit verification
  • Proactive reconciliation of planned from unplanned change (Delivered through SCM)
  • Change management process effectiveness measurement

By linking configuration and change management processes, SCM Service Desk Integration Solutions delivers visibility and control of unauthorized changes and improves overall enterprise and component systems availability, security, and policy compliance. It provides audit verification the changes were made and most importantly, measures how well the internal change management process is working.

SCM Service Desk Integration Solutions Features

  • Connection to the leading Service Desk solutions by BMC, HP, CA, IBM, Oracle and others
  • Flexible & extendable architecture delivers a workflow platform that quickly customizes the change management process to align with your organization
Workflow Automation