Improved Security Capabilities in ConsoleWorks
By Tom Kearns 
Security expectations and requirements are a reality for every business. Here at TDi Technologies, our software engineers work hard to ensure that ConsoleWorks meets or exceeds all of the security needs of our customers and prospects.
Since the release of ConsoleWorks Version 4.6 last year, we’ve introduced a number of changes to ConsoleWorks that improve our Security capabilities. These changes include:
- Improved security of CWClient (CWterm) when used in Actions by improving the Authorization method.
- Reduced vulnerabilities between the server and User Interface and between the server and monitored devices by staying current with SSL and SSH security patches.
- Added visibility within the User Interface of last successful login and any failed login attempts.
- Allowed administrators to set the minimum password length to as long as 32 characters.
- Added a new Windows Event Forwarder (WEF) that uses an encrypted and authenticated connection between the server and Windows systems rather than the unencrypted syslog connection of the past.
- Added new password security controls to meet US Government and other requirements, including: Inactive Password Expiration, Minimum Time Between Password Changes, and Login Lockout after a specified number of failed login attempts.
TDi Technologies uses industry standard development methods including required coding reviews to ensure that new software vulnerabilities are not introduced during the development process. They monitor many sources of information concerning software vulnerabilities and attacks and act to change ConsoleWorks when the need arises.
Requests and inquiries concerning security and ConsoleWorks are given every consideration and almost always result in changes that meet our customers’ needs, especially when related to security standards such as NIST, SOX, NERC CIP, and HIPAA.
If you have any questions concerning ConsoleWorks security please contact Support at Support@TDiTechnologies.com
IT Service Management Best Practices with ConsoleWorks
By Pam Johnson 
ConsoleWorks plays an important role in the ongoing support, operation, maintenance, and management of the foundation of the IT infrastructure. By automating and optimizing specific sub-processes that commonly exist in all organizations, ConsoleWorks creates added value for the IT Service Management (ITSM) practice.
These sub-processes directly impact reliability, availability, security, compliance, and the cost of operations – and they either directly relate to ITSM best practices or indirectly contribute to the stated goals of these practices. ConsoleWorks automates and optimizes ITSM best practices into a far leaner and more comprehensive process in areas where there are disparate tools (or no tools) and manual processes. The result is a considerable improvement in key performance measures such as elapsed time, touch time, cost, and Mean Time to Repair (MTTR).
ConsoleWorks offers these value-added ITSM practices through an integrated software environment that includes a knowledge base used for event detection, prioritization, and diagnosis to form a robust end-to-end closed loop remediation practice. With ConsoleWorks, the “tools of the trade” that normally exist as many independent tools are consolidated into a seamlessly integrated software application.
For more information on ConsoleWorks and IT Service Management, read the Whitepaper: ConsoleWorks for IT Service Management
The ConsoleWorks Approach to Device Monitoring
By Tom Kearns
Virtually all computers, networks, and similar devices have a communication port through which they send boot and status messages. Usually, this console information is lost because it is impractical to monitor and respond to the geographically scattered computing infrastructures common in modern-day businesses.
ConsoleWorks puts an end to this data loss. It monitors information coming from all parts of a networked environment, and, in real time, extracts key events and notifies support staff. ConsoleWorks brings all of the once-discarded console information, status updates, error messages, and anything else in the data stream to a single web-enabled server, scans the data, and responds intelligently.
Furthermore, ConsoleWorks remains fully functional in all modes, including single user, standby, and failure modes. By monitoring and logging consistently and constantly, not just under normal operating conditions, ConsoleWorks also meets the most stringent of compliance practices.
For more information on device monitoring, read The ConsoleWorks® Difference For Monitoring & Management.
Tags
Access Control Audit Automation Best Practice Change Management Compliance Configuration Configuration Ports Cyber Asset Cyber Security Detect Event Detection Event Lifecycle Management Events Forensic Records Healthcare HIPAA IEM Isolate IT Foundation IT Infrastructure IT Operations Log Files Monitoring MTTR NERC-CIP Out-of-Band Patching Patterns PCI Persistence Privileged Interfaces Privileged User Real-Time Records Remediation ROI Root Cause Security Security Risk Simplifying Work Solaris System Administrators Utilities Virtual Machine-
More Blog Posts
-
By Terry Schurter While businesses in all industries occasionally experience some growing pains due to the increasing reliance on technology, financial institutions may be one
-
By Pam Johnson Compliance is one of those subjects that keeps a lot of people up at night. It doesn’t matter what the compliance driver
-
By Tom Kearns What is an IT foundation problem? Problems with the IT foundation mean that something is not functioning properly on a basic level.
-
