subscribe: Daily Newsletter

 

Appliance reports on IT governance policy violations

0 comments

EMC has raised the bar for IT governance solutions by announcing a new appliance powered by its application discovery, change impact and dependency mapping software. EMC IT Compliance Analyzer – Application Edition enables users to define IT compliance policies for application dependencies and infrastructure and receive alerts when policy violations occur.

Internal governance, industry best practices, and external regulatory directives – such as the pre-packaged PCI DSS (Payment Card Industry Data Security Standard) compliance templates – can be managed based on automated analysis of application configuration, change and dependency information.
IT Compliance Analyzer is a key piece of EMC’s IT service delivery management portfolio, a comprehensive set of operations management software based on EMC Smarts and EMC ControlCenter technologies.  Aimed at helping customers achieve higher degrees of automation for their data center operations, EMC software provides customers with end-to-end service visibility and control across their complex IT information infrastructures.  
IT Compliance Analyzer performs both real-time analysis and reporting to inform IT managers of application configurations and dependencies that violate user-defined policies in a networked environment.  The appliance enables users to create policies that automate the process of identifying, monitoring, and alerting IT operations to violations of application configurations, changes, and dependencies.
Potential policies that could be created include those regarding password requirements, limits to simultaneous usage of applications, use of secure protocols, and application hardware requirements.  The pre-packaged PCI DSS policy template consists of policies that continuously check for configuration, dependency, and connection violations to enable IT teams to catch credit card data IT conformance issues before they become critical.  
EMC Smarts Application Discovery Manager – an agentless, application discovery, change impact and dependency mapping solution – acts as the data source for IT Compliance Analyzer.  
Smarts Application Discovery Manager automatically discovers and captures all critical configuration information – including change details, as well as the critical dependencies between applications and the infrastructure on which they rely.  Leveraging this knowledge, IT Compliance Analyzer then enables businesses to achieve application validation for compliance with internal policies and standards, regulatory requirements and best-practices for business critical applications –as well as operation issues such as predicting compliance implications of new application deployment.
Specifically, IT Compliance Analyzer is distinguished by three main functions:
* Automated, ongoing discovery: Using Smarts Application Discovery Manager as a foundation, IT Compliance Analyzer automatically and in real-time discovers changes, configurations and dependencies in the application environment.  The appliance compiles the data for analysis against IT policies.
* User-defined policy management: Enables users to create policies that automate the process of identifying, monitoring, and alerting IT operations to violations of application configurations, changes and dependencies.  Additionally, customers can leverage preconfigured policy templates to simplify application validation for external regulatory policies.
* Realtime policy violation alerts: Flexible enough to detect violations across a wide variety of policies, the appliance analyzes the configuration, change and dependency data from a wide variety of applications, servers and networks and applies it to the policies. When policy violations occur, IT operations are immediately alerted.  The solution tracks compliance of new objects automatically as they’re added to the environment and reports on policy violations in real-time.
“Nearly every business today is subject to some form of IT compliance – whether it’s self-imposed or mandated by an external regulatory entity.  Up until now, IT compliance has largely been a highly manual and expensive process,” says Alex Robertson, EMC’s Technology Solutions Manager.  “EMC IT Compliance Analyzer is a truly unique solution – enabling organizations to bypass error-prone manual processes and truly automate compliance with IT governance around application configurations and dependencies.”