TDi Technologies Announces New ConsoleWorks© Server Multi-Connect Efficiency Module
Plano, TX August 12, 2011 – TDi Technologies, the leader in Information Technology Foundation Management (ITFM), today announced a new ConsoleWorks© Server Efficiency Module. The Multi-Connect Module provides the ability to easily connect and manage up to 40 physical or virtual devices simultaneously from a single ‘master console’.
ConsoleWorks Multi-Connect greatly simplifies mundane, time-consuming and repetitive tasks such as patch distribution or global configuration changes on groups of servers, routers, switches, and other infrastructure components.
“The powerful capabilities of Multi-Connect can easily pay for itself in a matter of months”, said Pam Johnson, Director of Solutions Marketing for TDi Technologies. “One of our larger ConsoleWorks customers has been able to significantly reduce the man-hours required for patching by 3x, saving them over a million dollars a year.”
Since a large percentage of patches are addressing security vulnerabilities, the pressure to roll them out faster is greater than ever. To that end, all of the information required to identify and access each of the devices within the group is managed by ConsoleWorks. The administrator no longer needs to remember device names, access method, and login information – significantly reducing the amount of time required to roll-out new software patches.
From a single master console, during the patching process, all devices in the group are continuously monitored so that issues can be immediately identified and addressed. At the same time, all activities are fully recorded, at the keystroke level, making it extremely easy to provide a detailed, forensic record for compliance purposes.
“In order to maintain operational availability, integrity and confidentiality of the IT systems, organizations recognize that having an organized and efficient patch distribution approach is extremely critical,” said Terry Schurter, Vice President of Marketing at TDi Technologies. “ConsoleWorks Multi-connect was designed to extend the capabilities and efficiency of the IT resources giving them the ability to respond more timely with less effort and fewer errors”.
For more information on ConsoleWorks Multi-Connect, check out the ConsoleWorks videos or contact us.
ConsoleWorks© Server
ConsoleWorks is the leading IT Foundation Management solution on the market. The ConsoleWorks Server is the high-performance engine that handles information flow processing, business rule execution, pattern matching, role-based security, and signed log-file generation. It handles all input and output for the IT foundation, serving this data up as needed and is capable of managing more than 1000 connections per sever invocation. The ConsoleWorks Server is a complete IT Foundation Management solution package.
About TDi Technologies
TDi Technologies is the leader in IT Foundation Management, delivering IT Foundation Management solutions to a global customer base with key verticals including Financial Services, Telecommunications, Utilities, Healthcare, and Government. The company’s solutions help customers reduce operating costs, meet foundational compliance requirements, secure the IT foundation, and improve IT Service delivery. TDi Technologies is the first solution provider to offer a unified system of operation and management over the IT foundation. The company’s patented technology provides automation, optimization, control and management capabilities that dramatically improve the ability of IT to meet the demands of the business.
Solving the Challenge of One Interface and Many Administrators
By Tom Kearns
A new capability in ConsoleWorks Version 4.5 is now able to solve a very pressing problem that has existed for a long time. The problem is that for many privileged interfaces there can be multiple users that need to work over a single interface at the same time. Two classic examples are operating system interfaces and database administration interfaces. It is common for multiple system administrators (SAs) to be logged into an operating system performing different activities concurrently just as it is for database administrators (DBAs) to be logged into administrative DB sessions at the same time. The number of “concurrent” users can vary a lot, but in some cases exceed 50 concurrent users.
The problem is that in these scenarios it is extremely difficult to manage this concurrent activity effectively and to generate accurate information about each user as an independent set of records. More and more, organizations need real-time visibility over these concurrent user sessions with transparency, visibility, control and forensic records for each – just like ConsoleWorks has always provided for single-user sessions. However, even with ConsoleWorks managing multiple users like we would, single user sessions have historically been a real challenge.
With the release of ConsoleWorks 4.5 this problem has been solved. Now multiple users can access the same privileged interface in their own private session! Multi-session creates private user sessions on demand to interfaces like operating systems and databases. User activity is recorded by individual and by all activity on a given connection target. Sessions are also private for users, no matter how many users need to access an interface at the same time. Individual (private) sessions are created as needed and then closed when work is complete to mimic the real nature of how people perform their work.
This new capability extends IT Foundation Management security and compliance to multiple, concurrent users accessing the same target for different reasons – a common occurrence on operating systems, databases, and other IT assets.
Making Solaris sulog Monitoring Easy and Actionable
By Tom Kearns
What is su? In Solaris server environments the su command (switch user) is often used to switch ownership of a login session to root or to any other user. su is a safer way for administrators on multi-user systems to use the system than to routinely log on as the root user. There is much less potential for accidental or malicious damage if an administrator first logs on as an ordinary user (who, by default, has very limited system privileges) and uses that account for routine tasks that do not require root’s sweeping powers. su can then be used to switch to the root account for only those operations that actually require root access.
The su command is logged by Solaris in the sulog. The information in the sulog includes:
1) date – time
2) successful (+) or unsuccessful (-)
3) terminal the su command was issued from
4) user executing the su command
5) user being switched to
Why is monitoring su Important? The use of the su command has both security and compliance implications. It is commonly used to switch from a restricted account to an unrestricted root account to perform a more privileged activity. The switching of accounts by a user must be documented to meet security policies and compliance requirements because it usually includes a change of security privileges and has user identity implications.
How does ConsoleWorks Help? ConsoleWorks can tail sulogs so that each new piece of information written to the logs will be picked up and pulled into ConsoleWorks (in real-time) for recording, scanning (by user-defined patterns), and event detection. This automates the task of reviewing sulogs and produces a comprehensive audit trail. That satisfies the compliance piece (while making it a lot simpler and more accurate than reviewing the logs in arrears).
From a security perspective there are multiple scenarios. For the scenario described above, the scanning (patterns) are defined by the security policy so that issues can be raised in real-time and addressed. This meets both security and compliance requirements for many situations.
Where security policies are more stringent, ConsoleWorks would normally be used as the gateway for access to the Solaris servers so that every keystroke can be monitored, scanned, and logged to ensure we have a definitive record of everything users do (including using the su command).
Finally, in highly secure environments we would normally include PKI in order to reject any attempts to connect to the Solaris server outside of ConsoleWorks. This is used to ensure we have a completely accurate record of all privileged user activity.
Tags
Access Control Audit Automation Best Practice Change Management Compliance Configuration Configuration Ports Cyber Asset Cyber Security Detect Event Detection Event Lifecycle Management Events Forensic Records Healthcare HIPAA IEM Isolate IT Foundation IT Infrastructure IT Operations Log Files Monitoring MTTR NERC-CIP Out-of-Band Patching Patterns PCI Persistence Privileged Interfaces Privileged User Real-Time Records Remediation ROI Root Cause Security Security Risk Simplifying Work Solaris System Administrators Utilities Virtual Machine-
More Blog Posts
-
By Pam Johnson CIP-005-4 is focused on Electronic Security Perimeter(s). Section R2 is titled “Electronic Access Controls” and is further defined as: R2. Electronic Access
-
By Tom Kearns What is persistent security? Traditional security practices focus primarily on normal operations and require documentation to be performed manually. IT Foundation Management
-
TDi Technologies, the leader in IT Foundation Management, today announced their participation in the EPRI Substation Remote Access Workshop, held at the Knoxville, TN Smart
-
