The ConsoleWorks Approach to Device Monitoring
By Tom Kearns 
Virtually all computers, networks, and similar devices have a communication port through which they send boot and status messages. Usually, this console information is lost because it is impractical to monitor and respond to the geographically scattered computing infrastructures common in modern-day businesses.
ConsoleWorks puts an end to this data loss. It monitors information coming from all parts of a networked environment, and, in real time, extracts key events and notifies support staff. ConsoleWorks brings all of the once-discarded console information, status updates, error messages, and anything else in the data stream to a single web-enabled server, scans the data, and responds intelligently.
Furthermore, ConsoleWorks remains fully functional in all modes, including single user, standby, and failure modes. By monitoring and logging consistently and constantly, not just under normal operating conditions, ConsoleWorks also meets the most stringent of compliance practices.
For more information on device monitoring, read The ConsoleWorks® Difference For Monitoring & Management.
ConsoleWorks Fully Supports The Role of the Privileged User
By Tom Kearns
According to the 2012 Verizon Data Breach Investigations Report Industry Snapshots, “Intellectual Property tends to reside deeper inside the organization under several layers of security, but insiders certainly know where it is and how to access it.
Regarding the types of insiders contributing to IP theft, regular employees (end users) accounted for the largest percentage (roughly two-thirds). They were followed closely by financial staff and executives, and system/network admins [who] brought up the rear.”
ConsoleWorks Represents a New Approach To Event Monitoring and Logging – When Nothing Can Be Lost. “While the most secure access profile eliminates privileged access altogether, this is unreasonable as staff is needed to service the IT Infrastructure, address security threats, perform IT maintenance, and respond to emergencies.”
With ConsoleWorks, organizations can focus on “real-time” and “persistent” methods of secure detection while allowing enterprises to greatly benefit from saving time, effort and money.
By monitoring and logging consistently and constantly, in all modes of operation, not just under normal operating conditions, ConsoleWorks meets the most stringent of compliance practices.
Event Lifecycle Management – Auditing and Reporting on Events
By Pam Johnson 
The final piece of the Event Lifecycle Management puzzle that I will discuss is event reporting. Reporting on all events is critical to shift changes, compliance, and audit actions. ConsoleWorks keeps detailed audits and digitally signed logs of administrative, user, and event activity along with the information flow from each managed element.
Users may generate real-time reports containing detailed or summary information from the physical machine, logical asset, and the hardware devices and systems – reporting at the lowest, most granular level. These reports give information about where and when the events occur, what was done to resolve a problem, and who resolved it – what was added, deleted, or modified within that managed asset.
The type of information reported on may include dates, times, and details of key events, records of successful and rejected access attempts, system administrator and operator activities, and much more. ConsoleWorks reports may also be customized to provide documentation to assist in compliance and audit requirements for PCI, HIPAA, SOX, NERC-CIP, and others. The log files generated by ConsoleWorks are digitally-signed, time-stamped, and tamper-evident to meet the most stringent documentation standards.
For additional information on Auditing and Reporting Events and the ConsoleWorks® Complete Event Lifecycle Management Solution, download the Solution Brief: A Complete Solution for Event Lifecycle Management
Additional Event Lifecycle Management blog articles are available at the links below:
- Event Lifecycle Management and its Value in the Compliance Process
- Event Lifecycle Management – Event Detection
- Event Lifecycle Management – Logging Events
- Event Lifecycle Management – Analyzing Events
- Event Lifecycle Management – Notifying When an Event Occurs
- Event Lifecycle Management – Remediating an Event
- Event Lifecycle Management – Acknowledging, Validating, and Purging an Event
Tags
Access Control Audit Automation Best Practice Change Management Compliance Configuration Configuration Ports Cyber Asset Cyber Security Detect Event Detection Event Lifecycle Management Events Forensic Records Healthcare HIPAA IEM Isolate IT Foundation IT Infrastructure IT Operations Log Files Monitoring MTTR NERC-CIP Out-of-Band Patching Patterns PCI Persistence Privileged Interfaces Privileged User Real-Time Records Remediation ROI Root Cause Security Security Risk Simplifying Work Solaris System Administrators Utilities Virtual Machine-
More Blog Posts
-
By Tom Kearns Virtually all computers, networks, and similar devices have a communication port through which they send boot and status messages. Usually, this console
-
By Terry Schurter Heavy investments have been made to solve service issues, but while the problem is supposedly ‘solved’ – disruptions still occur! Although this
-
By Terry Schurter If you could slash Mean Time To Repair (MTTR) down to a fraction of what it is now would you do so?
-
