Support Site

Asset, Patch & Configuration Monitoring

ConsoleWorks helps reduce or eliminate security gaps resulting from configuration changes. Configuration monitoring – management and automated patch analysis are ways to reduce or eliminate security gaps resulting from assets that are not properly configured.

  • Agentless Monitoring
  • Scalability
  • Heterogeneous Deployment
  • Security
  • Log File Security
  • Log Aggregation
  • Audit & Compliance Reporting
  • Session Management
  • Command Control
  • Intelligent Event Modules
  • Event Management
  • Automated Actions
  • Event Remediation
  • Log Forwarder
  • Multiple User Management
  • Logical & Hierarchical Grouping
  • Multi-Connect
1

Maintain asset configuration, patch level in a known state with the highest level of security.

2

Address NERC and other compliance regulations pertaining to notification of asset configuration and patch changes.

3

Eliminate security gaps resulting from assets that are not properly configured or patched.

Asset, Patch, and Configuration Monitoring

ConsoleWorks automates the collection, comparison, alerting, and auditing of configuration and patch changes. This automation reduces human error and minimizes the impact of both intentional and unintentional misconfiguration.

  • Automate configuration and patch data collection
  • Detect unauthorized or unexpected changes
  • Reduce security gaps caused by misconfiguration
  • Maintain continuous configuration awareness

Configuration monitoring reduces security gaps that occur when baseline changes are not documented, patches are not applied, or configuration changes occur without approval. ConsoleWorks maintains asset configurations at a known, secure state.

Monitored Asset Attributes

  • Functional settings that determine how assets operate
  • Installed software versions, including BIOS, firmware, operating systems, and applications
  • Installed patches, including security patches
  • Active ports and their configuration
  • Enabled services
  • User and service accounts
  • Configuration files

These attributes provide the primary indicators of asset security posture and configuration integrity.

Asset, Patch, and Configuration Monitoring Capabilities

Configuration Data Collection

ConsoleWorks captures, documents, and secures configuration data programmatically from managed assets.

  • Retrieve configuration data automatically
  • Store configuration data securely
  • Maintain authoritative configuration records

Baseline Definition and Comparison

ConsoleWorks establishes approved configurations as baselines and compares current asset states against them.

  • Define approved configuration baselines
  • Compare live configurations to approved standards
  • Identify configuration drift and deviations

Automated Patch Analysis

ConsoleWorks collects patch state data and integrates with industry or custom solutions to automate patch gap analysis.

  • Schedule patch state collection
  • Analyze patch gaps automatically
  • Support integration with external patch intelligence sources

Unauthorized Change Detection and Alerting

When ConsoleWorks detects configuration differences, it records the event and alerts designated personnel.

  • Log configuration check activity
  • Detect unauthorized changes
  • Notify appropriate operational staff

Integration with Ticketing and Workflow Systems

ConsoleWorks can generate trouble tickets automatically to initiate investigation or remediation workflows.

  • Create tickets for detected configuration changes
  • Trigger review and resolution processes
  • Integrate with external workflow platforms

Audit Logging and Configuration History

ConsoleWorks records configuration activity down to the keystroke and maintains historical configuration states.

  • Log configuration changes with user attribution
  • Maintain a history of configuration baselines
  • Support forensic analysis and compliance reporting

Automated Patch Analysis Process

NERC CIP-007-6 / R2 requires a patch management process for tracking, evaluating, and installing cybersecurity patches for applicable Cyber Assets, including device drivers. Many utilities see this is a grueling task, requiring many, many man-hours to meet the “every 35-day analysis” required by NERC CIP.

The ConsoleWorks Automated Patch Analysis solution greatly simplifies the process of gathering the information required for patching IT and OT devices – beyond the HMI.

Datasheet

Automated Process

  1. Establish Secure Access to Assets
    ConsoleWorks is configured to access all devices, beyond the HMI, without the need for an agent.
  2. Configure to Collect Appropriate Information
    Once ConsoleWorks has been configured to access the devices, it has knowledge of the OT devices and methods to collect the information.
  3. Initiate 35-Day Analysis Schedule
    ConsoleWorks is configured via a scheduler to automatically initiate the patch analysis process every 35-days, keeping a detailed log for audit purposes.
  4. Perform Automated or Manual Gap Analysis
    Once the current patch state is gathered by ConsoleWorks, the data is sanitized, anonymized, encrypted, and securely transferred for automated or manual gap analysis to be performed. Results are automatically downloaded and processed by ConsoleWorks, using Events as an indication when patches are available. Event severities further indicate whether an available patch is a security patch.
  5. Determine Patch Applicability
    ConsoleWorks produces dashboard reports to organize and communicate the current patch state of the environment. The summary report, produced by Patch Gap Analysis solution, presents information regarding patch gaps that may exist for each asset, including links to the available patch for download.

Initiate Mitigation Plan

Utilities evaluate and install the security patch or initiate a mitigation plan. To further automate the process, ConsoleWorks can integrate with workflow management solutions that provide automated processes for patching, mitigation policies and compliance documentation-required by NERC.

We can help

Reach out today, and we'll talk through how we might be able to help!

Contact us