BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The Value of a Management Console

Posted August 18, 2010    Morey Haber

My background is in Network Management Systems (NMS). In the late 1990’s, the buzz words for NMS were around a “single pane of glass” management. This referred to a single CRT computer screen showing all of the relevant network management information in one view. The inherent value in this approach was the ability to see all of the relevant network information and status at a quick glance. For enterprise clients, this quick glance included “management by exception” since the single pane of glass should only show aspects that were faulty or out of tolerance versus all elements in the network. If they did show everything, the view generally became cluttered and lost its value as a quick glance tool.

The value and philosophy of those management consoles still holds true today for vulnerability management. Reporting aspects of vulnerability assessment are designed to show you which devices are not within acceptable parameters; and management console dashboards highlight the highest risk assets and vulnerabilities. In essence, they are performing the same functions of management by exception using vulnerabilities and security as filtered disciplines.

Thus, the inherent value of a management console is how much relevant information it can bring together into that single pane of glass and then allow detailed drill down of information when requested. The correlation of relevant information is equally as important in establishing this value. Consider a vulnerability management console that indicates your highest risk assets and which vulnerabilities are present. Every vendor in the vulnerability management industry has the view today. The technology for which is over a decade old.

Now consider that same single pane of glass that also tells you what attacks that asset has experienced, what malware has been detected, and all of the relevant asset information including software installed and even processes running. The value of this management console has just increased because it extends relevance of the data to not only show what is vulnerable, but is also showing how that device is interacting with the environment from a security and asset management perspective. If we now couple that same view with the ability to manage our regulatory compliance initiatives and even offer two way communications to those devices that need remediation, our single pane of glass now provides a value that has never been realized before. A single management console can now provide the entire lifecycle of vulnerability management for assets from discovery, assessment, reporting, and remediation.

So I would like to pose this question to my readers for comments:

Do you use a management console for a lifecycle approach to vulnerability management? If not, why?

Solutions are available today that can realize the visions of a decade ago and simplify your entire approach to vulnerability management. If you’re using a solution that only reports vulnerabilities, eEye can truly provide your business the value it has been striving for in the next generation management consoles.

Tags:

Leave a Reply

Additional articles

PowerBroker for Unix & Linux helps prevent Shellshock

Posted September 25, 2014    Paul Harper

Like many other people who tinker with UNIX and Linux on a regular basis, BASH has always been my shell of choice.  Dating back to the early days moving from Windows to a non-Windows platform, mapping the keys correctly to allow easy navigation and control helped ensure an explosion of use for the shell. Unfortunately,…

Bash “Shellshock” Vulnerability – Retina Updates

Posted September 24, 2014    BeyondTrust Research Team

A major vulnerability was recently discovered within bash which allows arbitrary command execution via specially crafted environment variables. This is possible due to the fact that bash supports the assignment of shell functions to shell variables. When bash parses environment shell functions, it continues parsing even after the closing brace of the function definition. If…

pbps-blog3

7 Reasons Customers Switch to Password Safe for Privileged Password Management

Posted September 24, 2014    Chris Burd

It’s clear that privileged password management tools are essential for keeping mission-critical data, servers and assets safe and secure. However, as I discussed in my previous post, there are several pitfalls to look out for when deploying a privileged password management solution. At this point, you may be wondering how BeyondTrust stacks up. With that,…

Tags:
, , , , ,