Hi Dmjcomputing - policy reporting enhancements are top of the list of things we are working on right now. We plan to include all sorts of new features. I know you all have been asking for this for a while, and rest assured we are on it.
I know you say you're "working on it", which is good, but judging by the traffic here it seems to be moving slowly.
In the meantime, a few comments:
You include a number of canned "Policy Reports". I know these are probably intended just as *examples*, but that's not really clear. When you include rules that have hard-coded IP addresses, like for a syslog destination or an NTP server, they will of course always fail. If one has a manager who takes a look at the product, says "Oooh, compliance reports", then hits you up with hundreds of violations because in our environment, we are not actually logging to 10.10.10.1, or most of our devices are not in Central Standard Time, it's awkward.
Oh, also, your NTP rules require Daylight Saving Time settings which have been obsolete for two years.
GeorgeK - thanks for your input. We're definitely working on enhancing the functionality - and I understand what you mean about updating the "out-of-the-box" rules and reports as well. We're on it. Thanks for your patience!
Hello, I work with General Dynamics. I have been trying to compile the DISA STIG into NCM with no luck and was wondering if you all have any new developements towards this?
Hi Darrell - we're in beta right now and should be approaching the RC phase quite soon. I will be reaching out to everyone on this thread to see if you would be interested in participating in the RC.
Hi Jon - are you wanting us to add the report, or just the ability to support those rules? Could you let me know what you're looking for so I can be sure we're tracking it correctly?
A report would be great! IAVA's are alerts sent out to inform the DoD user community of security issues with software. Most of them are for programs and OS'es, but they do send them out for hardware as well. Specifically, we would be interested in IAVA compliance on our network equipment. Thus, if an IAVA was issued stating that all Cisco 2690 switches must be running IOS version x.x.x by date XYZ, we could run a report to see if any of our Cisco 2690's were not compliant. Does this make sense?
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process. Learn more today by joining now.