“I think NCM is an invaluable tool and I don’t know how we could really operate without it.” says Doug Hull in ahttp://www.solarwinds.com/resources/videos/got-regulations-detect-non-compliant-config-changes-with-ncm.htmlrecent interview. “It’s particularly good in a regulatory environment where you need to have a strong control over changes. For any kind of regulated environment, NCM is a very useful tool.”
Rise in data breaches and other cybercrimes has made the role of security polices & controls gain more prominence in overall network management. Administrators face many challenges trying to implement and manage these policies. The reason being, dynamic and growing networks of today comprise of numerous heterogeneous devices geographically spread over many locations. Administrators spend loads of time and effort to ensure that the required network security policies are in place. Most often these policies get implemented but then no regular controls or monitoring exists to ensure continuous compliance. The truth is that administrators lack the tools to track devices and changes applied to device configurations/defined policies.
Security policies define the measures to be taken to protect information assets. Change monitoring and compliance assessments ensure that the controls defined by the policy are enforced and in place. Policy defines standards like SOX, HIPPA, PCI DSS, DISA STIG, NIST, etc. Each standard has a specified set of objectives and controls are the actions taken to achieve the standard. For example, PCI DSS was designed to protect card holder data. One of the objectives specified by PCI DSS is - routers shall prohibit unauthorized access using strong passwords. The action taken to achieve this objective - configure routers to require user login passwords of 8 characters or more consisting of a mix of alpha and numeric characters.
Monitoring ensures policy controls remain enforced and don’t drift. Compliance assessment verifies controls are in place and that they remain true to the policy. For example, if a router does not have a strong password (according to specified controls) then it does not conform to the policy.
The role of compliance monitoring and assessment:
- Helps provide a more secure environment for your organization
- Improves availability of critical IT infrastructure by reducing downtime due to human errors
- Introduces accountability and audit ability with role based access control
- Speeds up remediation by allowing changes to be applied to multiple nodes that are in violation simultaneously
- Improves admin productivity by eliminating manual compliance checks
- Reduces admin work responding to “data calls” about vulnerabilities
Continuous monitoring on the other hand, replaces point-in-time audits with a continuous view of the state of the network. The advantages are:
- Timely awareness of real-time vulnerabilities—faster security event detection
- Ability to keep up with the latest compliance requirements
- Increased visibility into current device configurations
- Visibility into compliance progress
- Automated compliance reports
How does NCM help ensure policy compliance?
Compliance policies and controls can be implemented, however to enforce them, you need automation. NCM does not define the policy, but helps network admins accurately and consistently implement network security controls via device configuration settings, monitors them for unwanted change, and verifies if they comply with the baseline policy. In a broad manner NCM helps:
- Ensure that controls for network devices are consistently implemented
- Ensure device configuration changes are approved before implemented
- Monitor configurations for unwanted/unapproved changes
- Assess configurations for compliance
- Rollback non-compliant configurations to remediate issues and reduce downtime
The price of non-conformance to policy controls is the likely presence of numerous vulnerabilities which can put networks/businesses at risk. Therefore, it’s mandatory for organizations to not only ensure daily compliance, but also continuously monitor for adherence to these policies. Choose a tool that saves loads of time and gives you visibility into compliance management and adherence across the entire network.