How to Automate SOX/PCI Breach Detection with UCMDB-CM June 27, 2013 © Copyright 2013 Vivit Worldwide Brought to you by Vivit Configuration Management System Special Interest Group (SIG) Leaders: Evan Hamilton and Patrick Wolf www.vivit-worldwide.org © Copyright 2013 Vivit Worldwide Hosted by Evan Hamilton Vivit Configuration Management System SIG Leader VP Services Cravetek LLC © Copyright 2013 Vivit Worldwide Today’s Presenters Brian Wong Practice Lead-Enterprise Security Configure Consulting Inc. © Copyright 2013 Vivit Worldwide Justin Harrison Technical Consultant, HP ITPS Configuration Consulting Inc. Housekeeping • This “LIVE” session is being recorded Recordings are available to all Vivit members • Session Q&A: Please type questions in the Questions Pane © Copyright 2013 Vivit Worldwide Webinar Control Panel Toggle View Window between Full screen/window mode. Questions © Copyright 2013 Vivit Worldwide How to Automate SOX/PCI Breach Detection with HP UCMDB-CM Presenters: Justin Harrison & Brian Wong Agenda About us 1. Compliance Management 2. Leveraging CMS Portfolio 3. What is Configuration Manager? 4. How Can CM Help With Compliance? 5. Detection and Remediation 6. “A day in life…” Demo 7. Questions and Answers As an HP Software and VMware Partner, Configure Consulting Inc. specializes in implementing quick-start solutions to empower IT operations teams with efficiency, stability and top performance in the delivery of business services. Our Services 8# Professional IT Consulting Staff Augmentation Managed Services Training www.ConfigureConsulting.com Compliance Management IT Infrastructure is diverse, dynamic and complex • • • • • • • 9# Baseline infrastructure standards Network management policies Data center server guidelines Critical applications High availability requirements Geographic redundancy Security policies www.ConfigureConsulting.com Compliance Management Today’s presentation: Addressing critical compliance challenges using Configuration Manager Extracting additional value from the UCMDB 10# www.ConfigureConsulting.com Compliance Management Both SOX and PCI are focused on protecting end user data, here a few sample requirements: • • • • Failovers/back-ups managed in a separate location Avoid default administrator accounts Enforce usage of non-standard ports Network/firewall separation between web servers and related databases or internal servers • Ensure anti-virus is installed and updated Have you struggled to give other stakeholders visibility into the data in UCMDB?... Adding policy-level context to the data already in your CMDB delivers huge value to compliance teams 11# www.ConfigureConsulting.com Leveraging the CMS Portfolio Data Modeling Configuration Manager Establish baseline and topological policies Discovery and Federation UCMDB Apply policies to views, application maps and other CI groupings • • • • Auto-discovered, federated and integrated data CI attributes and relationships 12# • CI attribute and relationship change history Views, application maps, service models Location, criticality, and other logical information www.ConfigureConsulting.com Scan the discovered environment for likeconfigurations Graphical interface, dashboards, reports What is Configuration Manager? Configuration Manager helps IT establish configuration standards and enforce policies that improve the stability of the environment and enable delivery of standardized services Example: Policy with description and graphical view 13# www.ConfigureConsulting.com How can CM help with Compliance? Network Infrastructure Private Cloud Infrastructure Security Cloud Services 14# Enterprise IT Brokered Cloud Services Scale and Accuracy Uptime and Maintenance Enforcing Policies Security and Compliance Simplified interface for viewing and managing various policies Standardize IT configurations Create and enforce baseline and topological policies Promote better IT management processes that adhere to compliance requirements www.ConfigureConsulting.com Automated Breach Detection and Remediation Use CM to detect compliance breaches that would otherwise go unnoticed • Identify unauthorized configuration changes • Flag policy breaches and notify appropriate parties • Automatically generate remediation workflow processes Example: -Compliance alert -Remediation engine automatically run -L1 & L2 automated remediation -L3 notification generated 15# www.ConfigureConsulting.com Demo Overview Use and regularly update anti-virus software Assign a unique ID to each person with computer access SQL Server should not use default port Critical application servers should be redundant 16# www.ConfigureConsulting.com Recap • Simplified policy management through views and dashboards • Standardize and reduce the amount of IT configurations to manage • Improve IT management processes by driving changes according to standards and policies Stay Compliant with CM 17# www.ConfigureConsulting.com Questions & Answers 18# www.ConfigureConsulting.com Thank You For Your Attention Justin Harrison jharrison@configureconsulting.com www.ConfigureConsulting.com Brian Wong brian@configureconsulting.com
© Copyright 2024