Support Site

News

Access Control with ConsoleWorks

by

When it comes to security, ConsoleWorks offers many unique features to ensure consistent security practices across the entire IT infrastructure, including robust Access Control capabilities using a role-based/task-based permissions model.

Privileged users should be able to access only those interfaces needed to perform their work. Role-based access and control in the IT foundation ensures that interfaces cannot be accessed without permission. Users only see the interfaces assigned to them.

ConsoleWorks provides advanced role-based access and control capabilities with LDAP integrations for fine-grained control of access rights and privileges across all managed connections. Access Control Rules enable administrators more granular and graduated control over what specific users can do inside ConsoleWorks and how they can use ConsoleWorks to access and interact with managed assets.

In ConsoleWorks 4.6, the permissions model has been completely re-engineered. Significant enhancements have been made with new capabilities that allow very granular control over what any one person is allowed to do in ConsoleWorks, particularly with separation of duties.

View Datasheets in Resources

The ConsoleWorks Difference

by

ConsoleWorks is the leading Cybersecurity Operations Platform on the market. The ConsoleWorks Server is the high-performance engine that handles information flow processing, business rule execution, pattern-matching, role-based security, and signed log-file generation. It handles all input and output across the enterprise on the devices and application that it manages, serving this data up as needed.

ConsoleWorks is capable of managing more than 1000 connections per server invocation. The ConsoleWorks Server is a complete solution package for managing the IT foundation of the enterprise.

Some of the key features of ConsoleWorks include role-based access and control, secure remote management and monitoring, in-band and out-of-band management, bi-directional data capture, digitally signed logs and forensic files, and comprehensive automation. ConsoleWorks is also agentless and persistent to facilitate IT operations, enforce security, and maintain comprehensive audit trails.

View Datasheets in Resources

Using IEMs as a Domain Knowledge Repository

by

Intelligent Event Modules (IEMs) are vendor event reference libraries that contain the proper priority designation as designed by the vendor or manufacturer and descriptive event definitions for detected events. IEMs dramatically improve the ability to streamline and optimize IT operations by eliminating time-consuming event prioritization and research activities.

Furthermore, IEM technology can be utilized as a domain knowledge repository. Users can define custom events so that when these events (or event combinations) occur again, they will already be properly prioritized and described. The end user can also update IEMs with recommended remediation actions by event – even to the inclusion of the exact sequence used to correct the problem previously – to build a knowledge base of best practices.

This enables less knowledgeable or less experienced administrators to quickly remediate an error or incident when it occurs by simply following the steps used to address the issue previously. IEMs provide a way to capture critical domain knowledge to continuously enable process improvement.

View Datasheets in Resources

Security and Compliance in Virtual Environments

by

The use of Virtual Machines (VMs) in IT introduces a new layer of complexity in the IT infrastructure, and adds new challenges to IT operations, security, and compliance. ConsoleWorks is unique in that it delivers the same simplification, automation, documentation, and security benefits to virtualized environments as it does to physical ones.

ConsoleWorks maintains console connections in all modes of operation – including during VM migrations. ConsoleWorks uses persistent connections that move with VMs, keeping operations, compliance, and security practices over privileged interfaces consistent and effective.

In addition to maintaining the IT infrastructure security model over privileged interfaces (such as consoles and virtual serial ports), ConsoleWorks is also able to capture all log file data generated by hypervisors (including VM logs). The records produced are accurate, consistent, and comprehensive – and they remain so, even when VMs move from host to host. This comprehensive data collection can support even the most rigorous compliance requirements and provide the transparency needed to meet audits.

View Datasheets in Resources

Simplifying Event Remediation with Intelligent Event Modules (IEMs)

by

Intelligent Event Modules (IEMs) are vendor event reference libraries that contain the proper priority designation as defined by the vendor or manufacturer and descriptive event definitions for detected events that transform cryptic event codes into human-­‐understandable error definitions – simplifying the diagnosis activity and time to solve. IEMs provide ConsoleWorks with a watchlist of text messages, including error codes, system warnings, and status alerts, produced by an information source in the IT environment. ConsoleWorks watches for these messages, called Events, in the data streams of your managed systems, devices, and applications.

By automatically prioritizing events and providing an accurate definition with the cryptic event code, the “process” that leads to root cause analysis and close loop remediation is collapsed down to a fraction of what it would be without ConsoleWorks.

IEMs dramatically improve the ability to streamline and optimize IT Operations by eliminating time-­‐ consuming event prioritization and research activities. With IEMs, events captured by ConsoleWorks that are in the vendor IEM “library” are automatically matched, assigned the appropriate priority, and presented with their human-­‐readable definition. This enables administrators, engineers, and technicians to use their time for a value-­‐add issue or problem resolution rather than priority assessment or event code researching.

By enabling events to be “clickable”, ConsoleWorks enables the correct console log file, history and best practice for the remediation action to be automatically opened in just one click – completing the “closed loop remediation cycle” in the most efficient manner possible.

Finally, IEM technology can be used as a domain knowledge repository. The user can define custom events so that when these events (or event combinations) occur again they will already be properly prioritized and described. The end user can also update IEMs with recommended remediation actions by event – even to the inclusion of the exact sequence used to correct the problem, previously. So, a less knowledgeable or less experienced administrator is now armed with the exact steps that were used by the expert to successfully remediate the error or incident. This is an important enabler of continuous process improvement.

Events can also trigger custom Actions to perform activities such as:

  • Detecting Events
  • Acknowledging event occurrence
  • Purging Events that have not been addressed
  • Escalating an event
  • Copying Log files to another offsite storage
  • Purging log files that are over 90 days old

Consistent Security Practices with ConsoleWorks

by

When it comes to security, ConsoleWorks offers many unique features to ensure robust and consistent security practices across the IT infrastructure. ConsoleWorks maintains a persistent, secure connection to physical and logical infrastructure to monitor user actions, machine activity and all defined incidents worth knowing about. Various levels of physical and logical security are implemented to provide necessary – and often required – protective measures.

ConsoleWorks also enables strong password implementation, access restrictions by task, by role, and by policy, and user authentication internally and externally. The solution offers two communication security options, SSL and SSH, which provide for the exchange of encrypted information between the browser (SSL) or the CLI (SSH) and the ConsoleWorks server, and between the ConsoleWorks server and the managed asset (SSH).

The ConsoleWorks solution supports a robust task-based/role-based privilege model based on user-defined Access Control Rules. These Access Control Rules give administrators more granular and graduated control over what specific users can do inside ConsoleWorks and how they can utilize ConsoleWorks to access and interact with managed assets.

View Datasheets in Resources

We can help

Reach out today, and we'll talk through how we might be able to help!

Contact us