BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The Value of a Management Console

Posted August 18, 2010    Morey Haber

My background is in Network Management Systems (NMS). In the late 1990’s, the buzz words for NMS were around a “single pane of glass” management. This referred to a single CRT computer screen showing all of the relevant network management information in one view. The inherent value in this approach was the ability to see all of the relevant network information and status at a quick glance. For enterprise clients, this quick glance included “management by exception” since the single pane of glass should only show aspects that were faulty or out of tolerance versus all elements in the network. If they did show everything, the view generally became cluttered and lost its value as a quick glance tool.

The value and philosophy of those management consoles still holds true today for vulnerability management. Reporting aspects of vulnerability assessment are designed to show you which devices are not within acceptable parameters; and management console dashboards highlight the highest risk assets and vulnerabilities. In essence, they are performing the same functions of management by exception using vulnerabilities and security as filtered disciplines.

Thus, the inherent value of a management console is how much relevant information it can bring together into that single pane of glass and then allow detailed drill down of information when requested. The correlation of relevant information is equally as important in establishing this value. Consider a vulnerability management console that indicates your highest risk assets and which vulnerabilities are present. Every vendor in the vulnerability management industry has the view today. The technology for which is over a decade old.

Now consider that same single pane of glass that also tells you what attacks that asset has experienced, what malware has been detected, and all of the relevant asset information including software installed and even processes running. The value of this management console has just increased because it extends relevance of the data to not only show what is vulnerable, but is also showing how that device is interacting with the environment from a security and asset management perspective. If we now couple that same view with the ability to manage our regulatory compliance initiatives and even offer two way communications to those devices that need remediation, our single pane of glass now provides a value that has never been realized before. A single management console can now provide the entire lifecycle of vulnerability management for assets from discovery, assessment, reporting, and remediation.

So I would like to pose this question to my readers for comments:

Do you use a management console for a lifecycle approach to vulnerability management? If not, why?

Solutions are available today that can realize the visions of a decade ago and simplify your entire approach to vulnerability management. If you’re using a solution that only reports vulnerabilities, eEye can truly provide your business the value it has been striving for in the next generation management consoles.

Tags:

Leave a Reply

Additional articles

6

A Quick Look at MS14-068

Posted November 20, 2014    BeyondTrust Research Team

Microsoft recently released an out of band patch for Kerberos.  Taking a look at the Microsoft security bulletin, it seems like there is some kind of issue with Kerberos signatures related to tickets. Further information is available in the Microsoft SRD Blogpost So it looks like there is an issue with PAC signatures.  But what…

Tags:
, , , ,
Password Game Show

Managing Shared Accounts for Privileged Users: 5 Best Practices for Achieving Control and Accountability

Posted November 20, 2014    Scott Lang

How do organizations ensure accountability of shared privileged accounts to meet compliance and security requirements without impacting administrator productivity? Consider these five best practices…

Tags:
, , , , , ,
Triggering MS14-066

Triggering MS14-066

Posted November 17, 2014    BeyondTrust Research Team

Microsoft addressed CVE-2014-6321 this Patch Tuesday, which has been hyped as the next Heartbleed.  This vulnerability (actually at least 2 vulnerabilities) promises remote code execution in applications that use the SChannel Security Service Provider, such as Microsoft Internet Information Services (IIS). The details have been scarce.  Lets fix that. Looking at the bindiff of schannel.dll, we see a…

Tags:
, , , , ,