Support Site

Security

Persistent Monitoring and Management with ConsoleWorks

by

ConsoleWorks is an enterprise-class solution that monitors and manages computer and network infrastructure. It watches information coming from all parts of a networked environment and, in real time, extracts key events and notifies support staff. It can, in response to these events, connect staff to the problem source and /or launch utilities to resolve many issues without human intervention.

Device Monitoring

Virtually all computer, network, and similar devices have a communication port through which these devices send boot and status messages. Usually, this console information is lost because it is impractical to monitor and respond to the geographically scattered computing infrastructures common in modern-day businesses.

ConsoleWorks stops this data loss by bringing all the once-discarded console information, status updates, error messages – basically, everything in the data stream – back to a single, web-enabled server, looks it over and responds intelligently.

  • ConsoleWorks maintains a persistent connection to an asset’s communication port, also known as:
    • Serial console port
    • Service processor
    • Baseboard management controller (BMC)
    • Management frontend
    • Chassis management system
  • Manages any information source that sends text data out its console port and allows connections through that same console port
  • Monitors any information source that sends text data using Syslog or SNMP traps
  • Scans incoming, unsolicited text and compares it to the knowledge base, declaring Events when a match is made
  • Logs all communication to and from the asset

Persistent Connection | Access Management | Privilege User Monitoring

ConsoleWorks maintains a persistent, secure connection to physical and logical infrastructures to monitor user actions, machine state activity, and all defined incidents worth knowing about. ConsoleWorks also implements various levels of physical and logical security to provide necessary – and often required – protective measures. The solution can be programmed to trigger pre-defined, real-time, enterprise-wide responses to security incidents. ConsoleWorks enables strong password implementation, access restrictions by task, by role, and by policy, and user authentication internally (through username/password protocols) and externally (from sources including Windows® Active Directory Domain Services, PAM, and RSA® SecurID®).

The platform supports a robust task-based/role-based privileges model based on user-defined Access Control Rules. Access Control rules enable administrators more granular and graduated control over what specific users can do inside ConsoleWorks and how they can use the solution to access and interact with managed assets.

Access Control with ConsoleWorks

by

Privileged Interactive Access utilizes multiple approaches to control access to managed devices. Each approach focuses more precisely, giving greater and finer controllability down to the keystroke security.

Authentication – With ConsoleWorks, there are two non-exclusive ways to use authentication to control access:

  • User-to-ConsoleWorks authentication
  • ConsoleWorks-to-Asset authentication

Role-based Privileges – The ConsoleWorks privileges model enables the ability to associate privileges with roles, rather than with specific users, freeing you to associate these privileged roles with multiple users as needed. The ConsoleWorks privileges model provides access with sublime granularity.

Command Control – provides authority over what a user can do with an asset. Some users may be granted unfettered access, or controls can be placed on every character typed and every command.

 

See Resources for More Information

End-to-End Monitoring & Management with ConsoleWorks

by

ConsoleWorks acts in a multi-dimensional fashion by monitoring not only the applications but also the servers, virtual machines, networks, and storage devices that run them. It provides managers and administrators with an end-to-end management solution that controls system access, monitors and manages all log files, and watches for specific events that may occur across the Enterprise.

And it does all of this in real-time and in all machine states – power on, single user, maintenance, production, and failure modes. This persistent connection also locks down the “back door” entrances that are overlooked by similar, agent-based solutions.

The end-to-end view provided by ConsoleWorks helps administrators understand why something went wrong and quickly determine and implement the resolution. During that process, ConsoleWorks captures the exact steps used by an experienced administrator to remediate an issue and stores it in the knowledge base for future reference.

ConsoleWorks achieves end-to-end monitoring and management with the following capabilities:

  • Secure Access Management
  • Event Correlation
  • Log File Aggregation
  • Keystroke Logging & Best Practices
  • Proof of Compliance

ConsoleWorks automates the collection, comparison, alert/notification and auditing of any changes to configuration baselines, eliminating the majority of human errors and minimizing the impact of intentional or unintentional erroneous activity.

ConsoleWorks has the ability to speak multiple protocols (including serial), gaining access to and then collecting the inventory is a fundamental capability of the product.  ConsoleWorks does this without adding an Agent to the endpoint, which is a requirement in the ICS environment since many of these devices are purpose-built and cannot have other vendor software installed on it.

ConsoleWorks can be configured to monitor many items including:

  • Functional settings that determine how the asset operates
  • Versions of software currently installed including BIOS, firmware, operating system, applications, etc.
  • Patches, including security patches that are installed
  • Ports that are active and how they are configured
  • Services that are enabled
  • Accounts
  • Configuration Files

Configuration Monitoring Datasheet

Configuration Monitoring NERC CIP 010

Flexibility of Enterprise-Wide Integration

by

In the most comprehensive implementations, ConsoleWorks is the single pane of glass for managing and helping to integrate the foundation of the IT enterprise.

ConsoleWorks has an enormous amount of flexibility for managing the standard IT hardware devices and applications, and also enabling less common devices to be brought under the same management environment through its integration capabilities.

ConsoleWorks provides a number of methods that enable the product to be adapted to the specific IT enterprise requirements for the day-to-day security and management of hardware, virtual machines, and applications.

All of these advanced capabilities help to integrate ConsoleWorks into the tools, processes, and requirements of our customers rather than forcing our customers’ processes to work with the product. Some of these capabilities relate to:

  • Intelligent Event Modules (IEMs)
  • Controlled Automation
  • Command Control
  • Expect-Lite Routines
  • Actions
  • Tags

See the Resources Page for More Information

Improved Security Capabilities in ConsoleWorks

by

Security expectations and requirements are a reality for every business. Here at TDi Technologies, our software engineers work hard to ensure that ConsoleWorks meets or exceeds all of the security needs of our customers and prospects.

Since the release of ConsoleWorks Version 4.6 last year, we’ve introduced a number of changes to ConsoleWorks:

  • Improved security of CWClient (CWterm) when used in Actions by improving the Authorization method.
  • Reduced vulnerabilities between the server and User Interface and between the server and monitored devices by staying current with SSL and SSH security patches.
  • Added visibility within the User Interface of last successful login and any failed login attempts.
  • Allowed administrators to set the minimum password length to as long as 32 characters.
  • Added a new Windows Event Forwarder (WEF) that uses an encrypted and authenticated connection between the server and Windows systems rather than the unencrypted syslog connection of the past.
  • Added new password security controls to meet US Government and other requirements: Inactive Password Expiration, Minimum Time Between Password Changes, and Login Lockout after a specified number of failed login attempts.

TDi Technologies uses industry standard development methods including required coding reviews to ensure that new software vulnerabilities are not introduced during the development process. They monitor many sources of information concerning software vulnerabilities and attacks and act to change ConsoleWorks when the need arises.

Requests and inquiries concerning security and ConsoleWorks are given every consideration and almost always result in changes that meet our customers’ needs, especially when related to security standards such as NIST, SOX, NERC CIP, and HIPAA.

 

The ConsoleWorks Approach to Device Monitoring

by

Virtually all computers, networks, and similar devices have a communication port through which they send boot and status messages. Usually, this console information is lost because it is impractical to monitor and respond to the geographically scattered computing infrastructures common in modern-day businesses. ConsoleWorks puts an end to this data loss and handles device monitoring information coming from all parts of a networked environment, and, in real time, extracts key events and notifies support staff. ConsoleWorks brings all of the once-discarded console information, status updates, error messages, and anything else in the data stream to a single web-enabled server, scans the data, and responds intelligently.

Furthermore, ConsoleWorks remains fully functional in all modes, including single user, standby, and failure modes. By monitoring and logging consistently and constantly, not just under normal operating conditions, ConsoleWorks also meets the most stringent of compliance practices.

View Datasheets in Resources

We can help

Reach out today, and we'll talk through how we might be able to help!

Contact us