 To effectively address the security challenges of an enterprise environment, a proactive, automated approach to security is required. PoliVec Enforcer allows IT professionals to monitor and enforce, in real-time, critical security policy configurations across an enterprise, increasing IT productivity and lowering IT support costs.
Building Security Policies
PoliVec Enforcer allows users to import a comprehensive IT security policy for their enterprise from PoliVec Builder, our security policy development tool. Once this policy is implemented, PoliVec Enforcer uses the O/S - specific implementation standards generated by PoliVec Builder to monitor the defined security policy parameters.
The Architecture
 PoliVec Enforcer consists of a lightweight Agent that runs a series of security-relevant tests on target devices and host computers, an Agent Manager that communicates with and manages the Agents, and a Controller that manages the entire system. In addition, a Console provides a graphical user interface for both administration and operation.
Binary Vector Technology
The product is founded on our patent-pending binary vector technology. By using binary vectors, the actual configuration of the various security mechanisms across all supported devices can be quickly evaluated and compared against a stated set of security settings. Binary vector technology is extremely efficient because it requires very little bandwidth and system resources. This is ideal for managing the security posture of large enterprises.
Alarms and Escalation
Alarm conditions are handled through the use of a series of user defined escalation procedures. For example, if an alarm is generated for a specific asset due to a password security configuration setting, based on the escalation procedures, a console alarm and e-mail the system administrator is generated. If after a specified period of time the alarm is still present, the next step in the escalation plan may be to page the system administrator. This type of escalation can continue until the security problem is resolved. In addition, users can create flexible alarm rules that define which escalation plan to apply.
Monitoring the Enterprise
At pre-defined intervals, agents execute their specific tests and transmit their binary vectors to the Agent Manager for evaluation. As binary vectors are received, the Agent Manager evaluates each vector against the specific implementation standard assigned to that device to determine if an error condition exists. If an error is present, the Agent Manager forwards the detailed information to the Controller. The Controller generates a Console alarm, logs the event, and executes the escalation plan associated with that type of failure on that asset. In addition to providing an alarm at the Console, PoliVec Enforcer provides a great deal of detail regarding each alarm. This detail includes a description of the alarm, a recommended corrective action, a reference to the actual policy statement associated with the alarm, and and details regarding the escalation plan associated with it.
Reporting
PoliVec Enforcer generates reports detailing the device the alarm occurred on, the date and time the alarm occurred, the alarm type, the current status of the alarm and a detailed description of the test failure. In addition, users can generate reports for all assets, a few selected assets, or just one individual asset. Reports can also be exported to HTML (.htm), Adobe Acrobat (.pdf), Microsoft Excel (.xls), and Comma Separated Values (.csv) formats.
|
