Ensuring that systems are always configured properly is critical to both compliance and security initiatives. But gaining visibility into system configurations and their compliance status is a significant challenge, especially with the rapid rate of change in enterprise networks. Additionally, demonstrating to auditors that systems are compliant can be a manual, time consuming project that is inefficient and potentially ineffective.
nCircle Configuration Compliance Manager™ automates enterprise-wide configuration auditing, change analysis and file integrity monitoring, providing continuous visibility into the compliance of IT system configurations and the impact of changes. The integrated policy engine compares actual configurations to internal policy or best practice benchmarks, prioritizing the risk and compliance impact of configuration changes. Automating configuration auditing enables a greater level of security and dramatically reduces preparation time for IT audits conducted for regulations such as Payment Card Industry Data Security Standard (PCI), Sarbanes-Oxley or HIPAA. Configuration Compliance Manager’s continuous change-centric process lowers costs and increases uptime by ensuring that systems remain configured in compliance with organizational policies.
The nCircle CCM highlights include:
• Comprehensive network coverage
• Agentless file integrity monitoring including: checksum, change originator, file size, version creation date and modified date
• Sophisticated risk prioritization algorithms identify the most urgent problems
• Flexible reporting and dashboards provide compliance data to the appropriate audience
The nCircle Configuration Compliance Manager agentless configuration auditing solution provides key technology breakthroughs that enable faster and more effective audit preparation:
Agentless Architecture - Because it does not require the installation of software agents on devices, nCircle Configuration Compliance Manager can monitor a wide variety of systems not typically supported by standard agent-based applications, such as routers, switches, and firewalls and addition to mobile devices and can be made operational by a small team in a matter of hours. Configuration Compliance Manager can even conduct file integrity monitoring without the use of agents.
Integrated Policy Engine and Rich Policy Library - nCircle Configuration Compliance Manager comes with a rich library of pre-built policies, including prescriptive policies from NIST, CIS and Microsoft and regulatory policies including PCI, Sarbanes-Oxley, and HIPAA. The policy engine enables customizing these policies for an organization’s particular needs or creating new policies. With just one click, you can even create a policy based on the configuration of a particular system (such as the “gold” image for new servers).
nCircle Configuration Compliance Manager provides pre-built policies and benchmarks from NIST, CIS, and Microsoft, and also supports customized, user-generated policies.
Configuration Change Analysis - nCircle Configuration Compliance Manager not only enumerates the configuration of IT systems in detail, it identifies how these configurations are changing and whether these changes require attention. When Configuration Compliance Manager identifies a compliance deviation, it can escalate the issue in a variety of ways, including alerting administrators or opening a trouble ticket. Further, all configuration changes are recorded for audit and control purposes.