Configuresoft Expands Security and Compliance Coverage to Include CIS VMware ESX 3.x Server Benchmark.Extended Support for Industry Benchmarks and Guidelines Enhances IT Operations' Ability to Intelligently Manage Virtual Environments SAN FRANCISCO San Francisco (săn frănsĭs`kō), city (1990 pop. 723,959), coextensive with San Francisco co., W Calif., on the tip of a peninsula between the Pacific Ocean and San Francisco Bay, which are connected by the strait known as the Golden -- Configuresoft, the world's leading enterprise server configuration management company, today announced at the RSA Conference The RSA Conference is a Cryptography-related conference held annually in the San Francisco Bay Area. The RSA Conference started in 1991 as a forum for cryptographers to gather and share the latest knowledge and advancements in the area of Internet security. in San Francisco that it has enhanced its continuous compliance and security capabilities for VMware environments with support for the Center for Internet Security (CIS Cis (sĭs), same as Kish (1.) (1) (CompuServe Information Service) See CompuServe. (2) (Card Information S ) VMware ESX Server VMware ESX Server is an enterprise-level virtualization product offered by VMware, Inc., a division of EMC Corporation. ESX Server is a component of VMware's larger offering, Virtual Infrastructure, which adds management and reliability services to the core server product. Benchmark. Support for this Benchmark enables IT Operations to easily measure compliance with best practices for hardening virtual environments from a broad consensus of industry experts. Last year, at a birds-of-a-feather session at RSA (1) (Rural Service Area) See MSA. (2) (Rivest-Shamir-Adleman) A highly secure cryptography method by RSA Security, Inc., Bedford, MA (www.rsa.com), a division of EMC Corporation since 2006. It uses a two-part key. , CIS and Configuresoft developed a benchmark working group and with input from more than 200 virtualization An umbrella term for enhancing a computer's ability to do work. Following are the ways virtualization is used. Hardware Virtualization Partitioning the computer's memory into separate and isolated "virtual machines" simulates multiple machines within one physical computer. and security experts from the commercial market, federal organizations, manufacturers and the software industry created the industry's first virtual machine security benchmark. CIS benchmarks and guidelines are unique in the industry in that they are created via broad consensus. This benchmark extends and enhances the hardening guidelines offered by the manufacturers by consolidating the expert opinion of the world's leading security professionals. CIS benchmarks and guidelines can be downloaded from cisecurity.org Configuresoft's Enterprise Configuration Manager (ECM (1) (Enterprise Change Management) See version control and configuration management. (2) (Error Correcting Mode) A Group 3 fax capability that can test for errors within a row of pixels and request retransmission. ) for Virtualization extends the IT organizations ability to visualize and manage virtual environments providing end-to-end, at-a-glance visibility across VMware environments. With Configuresoft's Enterprise Configuration Manager (ECM) for Virtualization and the CIS ESX See VMware. Server Benchmark template, IT organizations can automatically measure and manage compliance across the VMware environment including hardening guidelines for installation, network security settings, logging, file permissions, user accounts and many other issues resulting from the rapid adoption of virtualization in today's datacenter. "Virtualization offers IT departments opportunities to reduce cost and increase agility; however, if this is done without implementing best practices for security and compliance, the resultant security incidents will increase costs and reduce agility," said Neil MacDonald, vice president and Gartner fellow. "Existing tools and technologies may not work correctly in a virtualized environment, leading to limited visibility and a false sense of security. Organizations must ensure their established security and management processes embrace the virtual world." Configuresoft's Center for Policy and Compliance (CP&C) has led the industry in forming opinion and bringing together published security and compliance information to build a rich library of compliance toolkits that are available for download by Configuresoft customers from www.configuresoft.com. These CP&C Compliance Toolkits include: * VMware Infrastructure 3 Security Hardening Guidelines and VMware Virtual Center Best Practices * FISMA FISMA Federal Information Security Management Act of 2002 FISMA Federal Information System Management Act Compliance Toolkit for Virtual Computing * GLBA GLBA Gramm-Leach-Bliley Act of 1999 (Financial Modernization Act of 1999) GLBA Gay and Lesbian Business Association GLBA Great Lakes Booksellers Association GLBA Glacier Bay National Park and Preserve Compliance Toolkit for Virtual Computing * HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, Compliance Toolkit for Virtual Computing * Sarbanes-Oxley (404) Compliance Toolkit for Virtual Computing * DISA 1. (body) DISA - Defense Information Systems Agency. 2. (standard) DISA - Data Interchange Standards Association. STIG Compliance Toolkit for Virtual Computing Configuresoft's Configuration Intelligence for Virtualization addresses the increased complexities virtualization presents by centralizing and automating the monitoring, managing and auditing of physical (host) and virtual (guest) assets across an organization's infrastructure. Further it delivers unparalleled visibility, security and control, enabling IT organizations to meet the demands of virtualized environments. "With the increased challenges of managing the security and compliance of virtualized environments now clearly recognized, the industry is looking for Looking for In the context of general equities, this describing a buy interest in which a dealer is asked to offer stock, often involving a capital commitment. Antithesis of in touch with. more automated methods to ensure that technical controls are in place and virtual machine environments are in compliance both with internal configuration standards, best practices and external regulations," said Dave Shackleford, director, Center for Policy & Compliance for Configuresoft and co-chair of the CIS ESX Server Benchmark. "With the extension of the CP&C compliance templates for the CIS ESX Server Benchmark, VMware Hardening Guidelines and Configuresoft's continued commitment to provide the most up-to-date guidance, you can do just that." About Configuresoft Configuresoft, the world's leading enterprise server configuration management provider, delivers the Configuration Intelligence[R] that brings automation and intelligence to IT operations. Hundreds of organizations, including 13 of the world's 25 largest companies, rely on Configuresoft to effectively and efficiently manage the complexity of today's physical and virtualized IT environments. Configuresoft's team of security and policy experts ensure continuous compliance with regulatory requirements such as Sarbanes-Oxley and industry standards such as PCI DSS and Microsoft and VMware Hardening Guides. To contact Configuresoft, please call (888) U-CONFIG or visit www.configuresoft.com. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion