• ConsoleWorks® Solves the
    Tough Challenges

    • Privileged Access Management (inband, out-of-band)
    • Continuous Monitoring (real-time, no agents)
    • Configuration Management (automated w/ oversight)
    • Improved Uptime (streamlined IT Operations)
    • Proactive Service Level Management
    • Secure, Remote Access (anytime, anywhere)
    • Automated Compliance Data Capture and Reporting
    • Physical, Virtual, Private Cloud, Public Cloud
    • Servers, Routers, SANs, Firewalls - Device Agnostic
    • Complete Management of the IT Foundation

    Contact us FAQ

NEW! ConsoleWorks Version 4.8

The ConsoleWorks 4.8 release added a number of enhancements for Auditing, Change History, Encryption, Password Management and overall usability.

New features of ConsoleWorks 4.8:

  • Configuration Change Control Audit
  • Secure Logging with Cryptographic 'Hash'
  • Last Login Enhanced with Connection Information
  • Enhanced Logs Purpose-built for Audits
  • Time-based Access Control Rules
  • CWScripts Enhanced with Interactive Prompts

NERC-CIP & SMART GRID SOLUTIONS

ConsoleWorks directly addresses NERC-CIP requirements in key areas where we are pioneering the cyber security practices of tomorrow. See how ConsoleWorks maps to the latest NERC CIP V5 requirements.

Baseline Configuration Management

Learn about NERC-CIP-010-5 R1 R2 Requirements Whitepaper

Remote Access Management

Learn about NERC-CIP-005-5 R2 Requirements Whitepaper

Configuration Port Security

Learn about NERC-CIP-007-5 R1 Requirements Whitepaper
  • LinkedIn
  • Twitter
  • RSS
  • Yahoo! Buzz
  • email
  • Google Bookmarks
  • Technorati
  • Facebook

Privileged Access Management

The ConsoleWorks Unified In-band and Out-of-Band Privileged Access Management Solution


Privileged access occurs every day to support business operations. ConsoleWorks provides a one-stop solution for privileged access management for both in-band and out-of-band operations. Get the solution brief to learn more about privileged access management and the ConsoleWorks unified in-band and out-of-band solution.

Learn more about securing in-band and out-of-band interfaces
  • Meet Demands
  • Prove the Practice
  • Fill the Gaps
Security
  • LinkedIn
  • Twitter
  • RSS
  • Yahoo! Buzz
  • email
  • Google Bookmarks
  • Technorati
  • Facebook

Baseline Configuration Management

Device and Platform Agnostic Support for All Routable Protocol Devices


Baseline configuration management (BCM) is an important part of defending the security of our nation’s critical infrastructure. It helps to establish and retain a set of secure configuration profiles across hundreds, often thousands, of cyber assets. Get the whitepaper to learn more about baseline configuration management.

Learn more about Baseline Configuration Management
  • Automated Device Configuration Retrieval
  • Logging for All Devices
  • Digitally-Signed Logs
Security
  • LinkedIn
  • Twitter
  • RSS
  • Yahoo! Buzz
  • email
  • Google Bookmarks
  • Technorati
  • Facebook

Problems Solved

Traditional IT infrastructure approaches stop short of meeting the needs of the IT Foundation

What's Missing in the IT Infrastructure Management approachThey take a top-down approach that ends where the IT foundation starts. ConsoleWorks takes a different approach, a bottom-up approach. The approach is different. The technology is different. The problems solved are different and the results are remarkable.

Get the Whitepaper

NERC-CIP & SMART GRID SOLUTIONS

ConsoleWorks directly addresses NERC-CIP requirements in key areas where we are pioneering the cyber security practices of tomorrow.
  • Baseline Configuration Management
    Automate for increased security and reduced cost Learn More
  • Remote Access Management
    True network separation, unique security features Learn More
  • Configuration Port Security
    Defend against the most prevalent insider threat Learn More

Privileged Access Management

The ConsoleWorks Unified In-band and Out-of-Band Privileged Access Management Solution
Privileged access occurs every day to support business operations. ConsoleWorks provides a one-stop solution for privileged access management for both in-band and out-of-band operations. Get the solution brief to learn more about privileged access management and the ConsoleWorks unified in-band and out-of-band solution.
Learn more about securing in-band and out-of-band interfacesSecurity

Whitepaper: ConsoleWorks and OpenVMS

In Q4 of 2011, TDi Technologies conducted a survey with our OpenVMS customers/users. This whitepaper presents the findings from that survey.
ConsoleWorks and OpenVMS Whitepaper
Learn more about ConsoleWorks for OpenVMS OpenVMS Solutions

Testimonials

ConsoleWorks allows us to enforce the ITIL framework and the accountability on critical network servers by recording the server logs from the root accounts. These logs are then safely stored and saved in ConsoleWorks, where no one can tamper with them.
Global Tools Lead, Leading Global Services Provider
“With ConsoleWorks, we can manage the entire (EMS) system across multiple states from a single screen at a single location, and we know instantly if there is a problem.”
Ed Lim, IT Unix Specialist, PacifiCorp
As a group, we feel we are on a mission to inform all the customers we can that there is potential danger from the Insider Threat that could bring them to their knees.
Brian Mitchell, General Manager, Hospital & Physician Practice and Technology Sales, GE Healthcare
TDi Technologies' solutions address the issues we currently face. The most powerful benefits of ConsoleWorks include the unlimited potential to solve problems, access and manage all consoles on the network, and meet compliance.
Senior Systems Engineer, Leading US Telco
Any utility company that installs ConsoleWorks is way ahead of the game when it comes to NERC compliance. We’re happy with the support we receive from TDi. When we need it, it’s there.
IT Director
We are so dependent upon this solution environment in our process, that for our government client, we actually make it part of our disaster recovery operation and execute the whole thing on the ConsoleWorks console.
Service Manager, Leading IT Outsourcing Company
ConsoleWorks's new Virtual Serial Port Concentrator functionality meets important requirements for mission-critical production environments that many of our customers require, providing a complementary solution to our industry-leading virtualization and cloud platform.
Parag Patel, vice president, Global Strategic Alliances, VMware

In the News

Latest Blog Entries

  • LinkedIn
  • Twitter
  • RSS
  • Yahoo! Buzz
  • email
  • Google Bookmarks
  • Technorati
  • Facebook

By Pam Johnson Pam Johnson Headshot

The diversity of devices and their geographical locations are significant parts of the challenge in securing these configuration ports. Many of these devices do not allow or support the installation of a local software agent to help logically secure them, and virtually no software agents can effectively manage the actual configuration ports themselves. Because of this, most control devices are only secured through physical security (locks, gates, walls, doors).

In order to effectively secure configuration ports while meeting NERC-CIP requirements, access to all configuration ports must be controlled and all activity over these ports must be automatically logged to provide a forensic record of this activity. These are both requirements.

These physical ports provide a special level of privileged access that can be used to:

  1. Change Configuration
  2. Upgrade Firmware or BIOS
  3. Build-out devices that have components (like servers)
  4. Perform a variety of Administrative functions
  5. Perform emergency repair or failure recovery when no other port is accessible

See how ConsoleWorks addresses this challenge at this link.

  • LinkedIn
  • Twitter
  • RSS
  • Yahoo! Buzz
  • email
  • Google Bookmarks
  • Technorati
  • Facebook

By Pam Johnson Pam Johnson Headshot

Per CIP-007-5, all ports should be either secured or disabled. This obviously includes configuration ports. However, most substation devices do not allow the disabling of these ports nor should these ports be disabled as they serve important purposes, including being the primary configuration or emergency access port.

Instead, these ports must be secured.

Virtually all electronic devices with communication capability have configuration ports. For modern servers, baseboard management controllers that are networkable are the common configuration port technology. Older servers, routers, switches, firewalls, IED’s, RTU’s, etc. have serial privileged configuration ports, often network-enabled with terminal servers.

Configuration ports exist on almost every device used in Utility operations.  Control systems and control devices have configuration ports. Virtually every PLC, RTU, and IED has a configuration port (usually a privileged serial port with command and control access to the device‘s core program and operating system functions). In remote locations, such as substations and endpoints (poles), there are found many devices that have configuration ports.

From the control room to the sub-station to the pole, these physical ports provide a special level of privileged access that can be used to:

  1. Change Configuration
  2. Upgrade Firmware or BIOS
  3. Build-out devices that have components (like servers)
  4. Perform a variety of Administrative functions
  5. Perform emergency repair or failure recovery when no other port is accessible
  • LinkedIn
  • Twitter
  • RSS
  • Yahoo! Buzz
  • email
  • Google Bookmarks
  • Technorati
  • Facebook

By Pam Johnson Pam Johnson Headshot

TDi Technologies’ advancements in configuration management technology provides the much needed managerial visibility and control over unintended or unapproved changes to IT devices, eliminating the major sources of human error or nefarious activity that can impact overall security and operations.

There are a number of areas where Configuration Management adds significant value to both Security and Operations:

  • Better visibility and accountability of the configuration of devices on a network
  • Minimized trouble shooting time for downtimes caused by configuration issues
  • Reduced downtime with time alerts, alarms on identification of unauthorized configuration changes
  • Adherence to device configuration standards, software versions, and hardware
  • Proof of compliance to cyber security regulatory standards

Additional information is available on the ConsoleWorks Baseline Configuration Management solution at this link.

  • LinkedIn
  • Twitter
  • RSS
  • Yahoo! Buzz
  • email
  • Google Bookmarks
  • Technorati
  • Facebook
Google Analytics Alternative