nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials
Store

Compliance Rule Integrity Control

Arrowgon

Summary

Requesting enhancement to SolarWinds Network Configuration Manager (NCM) to provide rule integrity protection and version control for compliance policies, rules, and reports. This would ensure that centrally provided compliance content cannot be modified—intentionally or unintentionally—by downstream users (e.g., Business Units) without visibility and control.

Problem Statement

Currently, when compliance policies, rules, and reports are distributed to Business Units (BUs), they can be freely edited by those users. This introduces several risks:

Loss of Rule Integrity – BUs can modify compliance checks in a way that causes devices to pass artificially
Lack of Visibility – There is no native mechanism to detect if a rule has been altered from its original state
Compliance Risk – Audit outcomes may be based on modified rules rather than the intended baseline
No Version Tracking – Changes to rules are not tracked or attributable in a meaningful way
No Enforcement Mechanism – There is no way to enforce centrally defined standards across distributed environments

From a governance and audit perspective, this creates a significant gap in trust and validation of compliance reporting.

Requested Capabilities

1. Rule Locking / Read-Only Enforcement

Ability to mark compliance policies, rules, and reports as read-only
Prevent modification by non-authorized users (e.g., BU-level access)
Option to scope this by role or permission group

2. Integrity Validation (Checksum / Hashing)

Implement a mechanism to validate rule integrity (e.g., hash comparison)
Ability to detect and alert when a rule has been modified from its original version
Provide visibility into “tampered” or “non-standard” rules

3. Centralized Policy Enforcement Model

Support a “golden baseline” model where centrally managed rules are:
- Distributed to BUs
- Protected from modification
Optional ability for BUs to create local overrides (clearly flagged as deviations)

4. Drift / Deviation Reporting

Reporting feature to identify:
- Rules that differ from the central standard
- Missing or altered compliance content
Dashboard or alerting capability for rapid detection

Find more posts tagged with

Active

network_management

ncm

Status: Active

Comments

There are no comments yet