cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Server Configuration Monitor (SCM) 2020.2.1 Is Now Generally Available

It is my pleasure to announce that Server Configuration Monitor (SCM) 2020.2.1 is now generally available in your customer portal and you can download and upgrade your production servers, while retaining your complete configuration and history.  Although we typically don't package new features into a service release, these features were too exciting to hold back from you.

Version 2020.2.1 is compatible with Orion Platform 2020.2.1

What's New?

New compliance engine 

Many of you wanted SCM to check servers, applications and databases against compliance benchmarks (like STIG, CIS, etc), similar to the compliance feature in NCM.  To do this, we've built a new policy and rules engine to measure compliance for these entities by leveraging the data collection capabilities in SCM.   

Compliance Dashboards

Using the new dashboard capabilities in Orion, we've added new compliance dashboards summarized at different levels (overall, policy and node) with drill down to rule details view to see why rules are failing and how to fix them.  

Compliance is calculated by the number of applicable rules that passed the checks included in that policy.  For example, a Windows Server policy might have 200 rules, but when assigned to a node, only 150 rules are applicable.  When the rules are evaluated on that node, if 100 of the rules pass, then the compliance percentage for the policy on that node is 66% (100 passing rules out of 150 applicable rules).  The status of the other 50 rules could be failed or unknown.  Policy rules are evaluated once a day. 

  • Overall Compliance: Summary of all policies across all assigned nodes
    bmrad_0-1597689548441.png

  • Policy Compliance: Summary of one policy for all assigned nodes
    bmrad_1-1597689598791.png
     
  • Policy Node Compliance: Summary of one policy for one assigned node
    bmrad_2-1597689624351.png

Rule Details 

Rules consist of a rule description, the instructions on how to fix a failing rule, and one or more checks that determine if a rule passes or fails. Once applied to an entity, rules can have 5 states: 

  • Passed - rule was evaluated and passed
  • Failed - rule was evaluated and failed
  • Unknown - rule was not evaluated because of a problem (data collection, bad data, etc.) 
  • Not Applicable - the rule did not apply to the node 
  • Disabled - user disabled the rule at the policy level

Note that rule states do not roll up or impact Orion's entity status, so failed rules will not turn a node red.  

bmrad_0-1597690736645.png

 

OOTB Policies

The list of out-of-the-box policies is short (Windows, SQL and IIS) but will cover the basics in your environment.  New policies will be published on thwack. If you need a policy, post a request in Server Configuration Monitor (SCM) Feature Requests.

Alerts and Reports

SCM included 2 Alerts and 3 Reports for compliance policies. 

Alerts

  • Overall policy compliance percentage (70%) 
  • Rule evaluation fails

Reports

  • Overall Compliance Summary
    bmrad_0-1597693081841.png 
      
  • Policy Compliance Summary
     
    bmrad_0-1597693300673.png 
      
  • Policy Rule Status (including error info)
    bmrad_1-1597693111213.png

Perfstack

Perfstack will show summaries at both the policy and node level, allowing you to see the history of compliance in your environment.  Data available for both Node and Policy entities, includes all rules (not just applicable), and the data explorer links you to the rule, node or policy. 

bmrad_0-1597848355260.png

 

And as always, check out the release notes for a list of all the changes and fixes in this release. 

What's Next!

If you don't see the features you've been waiting for, check out the What We're Working on for SCM post for a list of features our dedicated team of configuration nerds and code jockeys are already researching. If you don't see everything you've been wishing for, add it to the Server Configuration Monitor (SCM) Feature Requests.

 

Comments

@bmrad This is good, but can you list what policies are in this version OOTB please? Also, at what point can we customise the OOTB policies - so if we don't apply all the rules from the base policy, can we exclude them?

Version history
Revision #:
15 of 15
Last update:
2 weeks ago
Updated by: