Configuresoft Eliminates Security Vulnerabilities on Mobile Windows Machines.Business Editors/High-Tech Writers WOODLAND PARK, Colo.--(BUSINESS WIRE)--April 5, 2004 New Version of Enterprise Configuration Manager Enforces Security and Configuration Policies when Mobile Clients Connect to Protected Network Configuresoft, the configuration management company, today announced a new version of Enterprise Configuration Manager (ECM (1) (Enterprise Change Management) See version control and configuration management. (2) (Error Correcting Mode) A Group 3 fax capability that can test for errors within a row of pixels and request retransmission. ) that eliminates security vulnerabilities on mobile Windows-based systems. To protect against attacks that exploit mis-configured mobile clients, ECM automatically assesses and corrects configuration settings on remote machines every time they connect to the internal network. In addition, ECM now provides assessment templates that help organizations comply with regulatory requirements imposed by GLBA GLBA Gramm-Leach-Bliley Act of 1999 (Financial Modernization Act of 1999) GLBA Gay and Lesbian Business Association GLBA Great Lakes Booksellers Association GLBA Glacier Bay National Park and Preserve , HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, , and Sarbanes Oxley by enforcing IT configurations that are consistent with security best practices defined by the SANS Institute The SANS Institute (SysAdmin, Audit, Networking, and Security) is a trade name owned by the for-profit Escal Institute of Advanced Technologies. SANS provides computer security training, professional certification, and a research archive. , Microsoft, and NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. . "A network is only as secure as the remote machines that are allowed to connect it," said Mark Nicolett, vice president and research director for Gartner, Inc. "Enforcing security and configuration policies on mobile clients is critical yet manually impossible to perform. Software that can automatically assess and enforce configuration standards on remote machines allows organizations to seal a gaping security hole in their IT infrastructure." Securing Mobile Clients To insulate organizations from vulnerabilities created by mis-configured mobile clients, ECM automatically detects remote machines when they log-on to the network and immediately compares their configuration settings and patch levels against pre-established standards. ECM can then correct configurations that are out of compliance with security policies and deploy missing patches. For optimal resource utilization over slower links, ECM calculates the connection speed of each machine and categorizes the session as dial-up, broadband or LAN (Local Area Network) A communications network that serves users within a confined geographical area. The "clients" are the user's workstations typically running Windows, although Mac and Linux clients are also used. . Based on the speed category, ECM will perform bandwidth appropriate collection and patch deployment operations. For maximum flexibility, ECM allows administrators to define specific management functions that can be triggered by network and timed events. For example, ECM can be used to perform only critical functions when a machine connects from a remote location via a VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. , wireless, or dial-up connection. Meanwhile, time consuming maintenance and deployment activities can be scheduled to occur when a machine is attached to the network for an extended period of time, such as after hours Adv. 1. after hours - not during regular hours; "he often worked after hours" or on the weekend. "Enforcing configuration and security standards on mobile machines is one of the biggest challenges facing enterprises and government agencies," said Alexander Goldstein, Chief Executive Officer of Configuresoft. "Enterprise Configuration Manager now makes it possible for any organization, regardless of the number of remote clients they have in the field, to automatically identify and rein in rein in Verb 1. to stop (a horse) by pulling on the reins 2. to restrict or stop: either prices or wage packets had to be reined in Verb 1. machines with rogue configurations." Mobile System Audit Trail To ensure continuous change and configuration management ECM maintains a complete audit history of actions and jobs performed on mobile clients, as well as remote connection activity. This capability enables companies to report on the security posture of their mobile clients and provides supporting data for compliance with security regulatory requirements. Regulatory Compliance Templates For companies that must comply with security requirements imposed by the GLBA, HIPAA and Sarbanes Oxley legislations, ECM now provides packaged templates to enforce configurations and access privileges for workstations and servers that are consistent with industry standard best practices. The ECM templates for GLBA, HIPAA and Sarbanes Oxley enable IT departments to quickly identify and take corrective action A corrective action is a change implemented to address a weakness identified in a management system. Normally corrective actions are instigated in response to a customer complaint, abnormal levels if internal nonconformity, nonconformities identified during an internal audit or on machines that violate best practices defined by the SANS Institute, Microsoft, and the National Institute of Standards and Technology National Institute of Standards and Technology, governmental agency within the U.S. Dept. of Commerce with the mission of "working with industry to develop and apply technology, measurements, and standards" in the national interest. (NIST). The ECM templates assess a comprehensive list of security variables to ensure they are properly configured, including audit settings, change logs, user rights, password policies, and more. Pricing and Availability Enterprise Configuration Manager with mobile client management and GLBA, HIPAA, Sarbanes Oxley templates is available immediately from Configuresoft and its business partners worldwide. Pricing starts at $995 per server and $30 per workstation. ECM supports Windows NT (Windows New Technology) A 32-bit operating system from Microsoft for Intel x86 CPUs. NT is the core technology in Windows 2000 and Windows XP (see Windows). Available in separate client and server versions, it includes built-in networking and preemptive multitasking. Server 4.0 or higher, Windows NT Workstation 4.0 or higher and Microsoft SQL Server A relational DBMS from Microsoft that is a major component of the Windows Server System. It is Microsoft's high-end client/server database and is closely integrated with Microsoft Visual Studio and the Microsoft Office System. 2000 or higher. About Enterprise Configuration Manager ECM centralizes and automates the labor-intensive task of monitoring, managing, and auditing the hardware and software configurations of Windows systems deployed in large enterprise networks or Web server farms. ECM standardizes server and client configurations, and can automatically enforce compliance with policies to prevent security vulnerabilities, minimize downtime, and enhance system performance. ECM can identify and help correct configuration problems before users even know they exist. ECM Security Update Manager, an add-on module for ECM, automates security patch A fix to a program that eliminates a vulnerability exploited by malicious hackers. See vulnerability and patch. management by alerting administrators of new security bulletins issued by Microsoft, instantly assessing entire networks to detect vulnerabilities, and deploying required patches to all the target machines with a single mouse click. Company Background Founded in 1999, Configuresoft provides the world's leading companies with software that automates the management of hardware and software configurations for Windows-based servers, desktops, and mobile systems. Eight of the 25 largest companies in the world use Configuresoft software to address configuration management challenges and enforce compliance with their security and IT standards. Configuresoft is privately held and headquartered in Colorado Springs Colorado Springs, city (1990 pop. 281,140), seat of El Paso co., central Colo., on Monument and Fountain creeks, at the foot of Pikes Peak; inc. 1886. It is a year-round resort and a booming military, technological, and commercial city. . To contact Configuresoft, call 719.447.4600, visit us on the Web at http://www.configuresoft.com or write to marketing@configuresoft.com |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion