How to Automate SOX/PCI Breach Detection with UCMDB-CM June 27, 2013

© Copyright 2013 Vivit Worldwide
Brought to you by
Vivit Configuration Management System Special Interest Group (SIG)
Leaders: Evan Hamilton and Patrick Wolf
www.vivit-worldwide.org
Hosted by
Evan Hamilton
Vivit Configuration Management System SIG Leader
VP Services
Cravetek LLC
Today’s Presenters
Brian Wong
Practice Lead-Enterprise Security
Configure Consulting Inc.
Justin Harrison
Technical Consultant, HP ITPS
Configure Consulting Inc.
Housekeeping
• This “LIVE” session is being recorded
Recordings are available to all Vivit members
• Session Q&A:
Please type questions in the Questions Pane
Webinar Control Panel
Toggle View Window between
Full screen/window mode.
Questions
How to Automate SOX/PCI Breach Detection with HP UCMDB-CM
Presenters:
Justin Harrison & Brian Wong
Agenda
About us
1. Compliance Management
2. Leveraging CMS Portfolio
3. What is Configuration Manager?
4. How Can CM Help With Compliance?
5. Detection and Remediation
6. “A day in life…” Demo
7. Questions and Answers
As an HP Software and VMware Partner,
Configure Consulting Inc. specializes in
implementing quick-start solutions to
empower IT operations teams with efficiency,
stability and top performance in the delivery of
business services.
Our Services
• Professional IT Consulting
• Staff Augmentation
• Managed Services
• Training
www.ConfigureConsulting.com
Compliance Management
IT Infrastructure is diverse, dynamic and complex
• Baseline infrastructure standards
• Network management policies
• Data center server guidelines
• Critical applications
• High availability requirements
• Geographic redundancy
• Security policies
Compliance Management
Today’s presentation:
Addressing critical compliance challenges using Configuration Manager
Extracting additional value from the UCMDB
Compliance Management
Both SOX and PCI are focused on protecting end user data. Here are a few sample requirements:
• Failovers/back-ups managed in a separate location
• Avoid default administrator accounts
• Enforce usage of non-standard ports
• Network/firewall separation between web servers and related databases or internal servers
• Ensure anti-virus is installed and updated
Have you struggled to give other stakeholders visibility into the data in UCMDB?...
Adding policy-level context to the data already in your CMDB delivers huge value to compliance teams
Leveraging the CMS Portfolio
[Diagram: Discovery and Federation, Data Modeling, UCMDB, Configuration Manager]
UCMDB
• Auto-discovered, federated and integrated data
• CI attributes and relationships
• CI attribute and relationship change history
• Views, application maps, service models
• Location, criticality, and other logical information
Configuration Manager
• Establish baseline and topological policies
• Apply policies to views, application maps and other CI groupings
• Scan the discovered environment for like configurations
• Graphical interface, dashboards, reports
What is Configuration Manager?
Configuration Manager helps IT establish configuration standards and
enforce policies that improve the stability of the environment and
enable delivery of standardized services
Example:
Policy with description and graphical view
How can CM help with Compliance?
[Diagram labels: Network Infrastructure, Private Cloud Infrastructure, Security, Cloud Services, Enterprise IT, Brokered Cloud Services; Scale and Accuracy, Uptime and Maintenance, Enforcing Policies, Security and Compliance]
• Simplified interface for viewing and managing various policies
• Standardize IT configurations
• Create and enforce baseline and topological policies
• Promote better IT management processes that adhere to compliance requirements
Automated Breach Detection and Remediation
Use CM to detect compliance breaches that would otherwise go
unnoticed
• Identify unauthorized configuration changes
• Flag policy breaches and notify appropriate parties
• Automatically generate remediation workflow processes
Example:
- Compliance alert
- Remediation engine automatically run
- L1 & L2 automated remediation
- L3 notification generated
Demo Overview
• Use and regularly update anti-virus software
• Assign a unique ID to each person with computer access
• SQL Server should not use default port
• Critical application servers should be redundant
Recap
• Simplified policy management through views and dashboards
• Standardize and reduce the number of IT configurations to manage
• Improve IT management processes by driving changes according to standards and policies
Stay Compliant with CM
Questions & Answers
Thank You For Your Attention
Justin Harrison
jharrison@configureconsulting.com
www.ConfigureConsulting.com
Brian Wong
brian@configureconsulting.com