IT Operations Management (ITOM)
cancel

More things in life should be simple. Like data center compliance and patching

More things in life should be simple. Like data center compliance and patching

Micro Focus Expert

Regulatory rules are intensifying, security threats are unrelenting, and data breaches are making headlines. The environment is dynamic and DevOps, with short-lived, self-service infrastructure provisioned and de-provisioned at faster rates. 

As compliance and risk pressures mount, it’s easy to feel overwhelmed.  But data center security should be easy, because it can be.

beginning.jpg

Enter, Data Center Automation (DCA), the one-stop place for all things compliance and patching.

With automated compliance and patch and vulnerability management, here are four ways DCA reins in out-of-control processes.

Address all needs in a single UI, leave no system behind

Are compliance and patch processes time-consuming and error-prone with a mix of tools, scripting, and manual work?

In a single UI, DCA automates regulatory compliance and patching across the broadest range of multivendor server OS, databases, and middleware. With the latest 2018.05 release, DCA supports RHEL, Microsoft Windows, Ubuntu, Oracle Enterprise Linux, SUSE, Oracle Solaris, Oracle, IBM DB2, Microsoft SQL Server, Jboss, and IIS.

You can govern consistent security policies across the data center, but still keep the infrastructure you have. How? DCA discovers Micro Focus Server Automation and Puppet-managed resources. And once discovered, DCA runs compliance and patch operations on them.  

Get consistency with policy-based automation and powerful out-of-the-box content

Can you run compliance and patching on 100% of your systems? Or do you contend with inconsistent processes on random systems?

Keep the enterprise compliant from initial provisioning through resource retirement.

Desired state is at the heart of everything DCA does.

With policy-based automation, set your rules on what to scan, when to scan, and when and how to remediate. Policies can be customized to include regulatory rules (e.g. CIS, PCI DSS), patch bundles, and measurement and remediation Service Level Objectives (SLOs).

DCA provides a powerful library of industry and regulatory compliance benchmarks (e.g. CIS, PCI DSS), compliant deployment templates (resources are provisioned with OS or database templates designed to be compliant at the time of deployment), and remediation actions. You can modify or clone content in a way that fits the unique needs of your enterprise.

Powerful out-of-the-box benchmarks align to industry standards. 

Great compliance can come out-of-the-box. For CIS, PCI DSS, SOX, FISMA, HIPAA, ISO 27001, and DISA.

Scan and remediate, that’s two sides of the equation. It’s what we call closed-loop remediation

Does remediation take too long? Is it difficult to follow up on gaps and improve desired state?

With DCA, remediate immediately after a compliance or patch scan or according to maintenance windows and SLOs. This is what we call closed-loop remediation. And so that exceptions don’t show up as a big X on your audit report, allow for acceptable risk with built-in exception management. Set up, approve, and address exceptions all in the same tool.

scan-remediate2.PNG

Also, DCA delivers remediation actions right out-of-the-box, so you don’t have to write them

We took baseline Red Hat servers and ran compliance [scan], and we had one hundred fifty problems. Ran remediation once and it resolved one hundred of those. And the remaining that were left were things that were subjective and easy to address. There was instant value in taking a customer’s environment and leveraging the tool to drive remediation and higher levels of compliance out-of-the-box. Joe Madden, Founder and President of Greenlight Group

Visualize! See compliance and risk in one window with actionable, drill-down dashboards

Are you in the dark about regulatory compliance and risk state across the data center? Can you quickly respond to threats? Is your company audit-ready?

The compliance and risk dashboards present a complete view of infrastructure compliance and risk and vulnerability state across the data center, classified by resource type, severity, and state.  

Time series data tracks historical resolution of variances and aging risks (old vulnerabilities not yet mitigated are easier exploits). 

DCA allows you to track key risk events, like Spectre, Poodle, and WannaCry, and thus helps proactively reduce risk of future breaches. The risk dashboard correlates required patches to Common Vulnerabilities and Exposure (CVE) metadata and Common Vulnerability Scoring System (CVSS) scores from the National Vulnerability Database.

dashboards.PNG

Get ready to go, ready to scale with DCA container deployment option

All of this is ready to go and ready to scale with DCA container deployment option. Built on cost-saving Postgres database and powered by open-source ITOM platform, DCA is easy to install, upgrade, and scale.

We understand data center security may be complicated. But it doesn’t have to be.

DCA automates the process for you. With DCA, experience a policy-based solution that centralizes regulatory compliance and patching, provides closed-loop remediation, offers out-of-the-box compliance content, and shows regulatory compliance and risk state in one place—across the entire data center.


end.PNG

To learn more about DCA:

Master regulatory compliance and patching, download the infographic here.

Visit the DCA website

 

About the Author

sibels

Sibel is a Senior Product Marketing Manager at Micro Focus ITOM.