Enterprise Applications - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Enterprise Applications


Idaho Power Taps nCircle to Ease Compliance Chores



 By: Cameron Sturdevant
2007-12-17
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Enterprise Applications story.


Rate This Article:
Poor Best
Case Study: Configuration Compliance Manager automates checks for SarbOx and internal control compliance and tips off admins to trouble.

Manual audits to check for Sarbanes-Oxley Act and internal control compliance of Idaho Power's servers was eating up too much time. One solution was to test a small percentage of representative servers, but Idaho Power wanted more complete information and in August 2006 started looking at compliance solutions. The result was the February rollout of nCircle Network Security's Configuration Compliance Manager.

Idaho Power deployed a central management server and five scan engines that implement agentless information gathering, including using WMI (Windows Management Interface) and other techniques to gather configuration information from more than 400 Windows Server 2000 and 2003 systems, as well as approximately 50 SUSE Linux servers. (CCM also can collect configuration information about network infrastructure and applications.)

Idaho Power is an electric generation and distribution company in southern Idaho and eastern Oregon, serving an estimated population of 943,000 in approximately 80 cities. The organization has about 2,000 employees.

Resource Library:
The nCircle CCM product enables Idaho Power to track configuration changes and regulatory compliance inside its heavily segmented and strictly separated environment by using scan engines running in virtual machines. Idaho Power needed only a couple of changes to firewall rules to enable communication between the scan engines, which monitor registry settings, log files and user accounts, among other things, to create reports for senior managers, system administrators and auditors.

Alex Tatistcheff, information security manager for Idaho Power, led the nCircle CCM evaluation and implementation process, in an effort to automate complex processes.

"Our biggest pain came when auditors would try to audit against our server standards, which tells how a server should be configured as far as registry settings, password policy, event log settings, what should be logged, various user privileges, whether the guest and administrator account is renamed," said Tatistcheff. "An auditor would have to sit down with a server engineer, pick three different servers out of a group and just do print screens and say "Show me this" and "Show me that." It would take quite a while. And they'd only get a very small subset of the servers. So what we needed was a tool that would automatically check preferably all of the settings in our baseline, and also do that for Windows and Linux servers."

SarbOx compliance is Idaho Power's main concern, but not its only one. The company is in the process of meeting other, energy-related regulations, including the CIP (Critical Infrastructure Protection) standard from the NERC (North American Electric Reliability Corporation). "I don't expect these to translate very directly into server settings," said Tatistcheff.

nCircle's CCM provides Idaho power with data collection and reporting capabilities. Tatistcheff now provides company managers and auditors with reports that show exactly what is happening with the servers.

Click here to read more about compliance scanning.

For example, a high-level report with charts that show how many servers passed and how many failed in particular groups goes to the CIO and the business managers. A more detailed report for server administrators provides data on which tests and policies failed so that the admins can address the issues.

Auditor reports have made short work of compliance reporting, according to Tatistcheff, who also sends the detailed reports to the Idaho Power service desk. The service desk creates tickets based on the reports and then works with server administrators to remediate problems.

As part of the deployment process, Tatistcheff gave nCircle Idaho Power's standard configuration baseline. "They took that and wrote most of the tests we would need," he said. "Some of those were based on their existing tests. That probably got us 70 percent of the way toward the final policy, at least for Windows. They did the same thing for Linux. We took what they did and tweaked it a little further by adding some tests here and there and making some modifications."

With the nCircle CCM in place, Tatistcheff has seen a big drop in the amount of staff time needed to monitor server configuration compliance. He now wants to explore using the product to further monitor configuration change management. "When the administrators group membership changes, we get a notification," he said. "I'd like to go further into the change management part of CCM."

Check out eWEEK.com's Compliance Center for the latest news, commentary and analysis on regulatory compliance.



  Reader Comments: Idaho Power Taps nCircle to Ease Compliance Chores
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Enterprise Applications Articles          >>> More By Cameron Sturdevant
 


x}r۸j9km#d[b[^L*EBER̜ 7I%_IʶD th4?'I"gf;ܢd{C5靿M$mwLUQV #3,(S]MHwW3fYЩP?`᳑(,4I .* پtis涱GfrK.V8ac:)} Tw<-0;DL=:n/{EÙÌ[~Si ~IVwK E/+]oUwm8we{2-\RIQv ? n84h;ʠm5ʥ]U;ާ;yԺ} g dm-5իe`Z$_S::yXB,=8GF j;|#ܲ[-~ 4$0L"ÌJ3~̢.2As08-AA9F,k3sAK%2CRY1oMU5uw'ǽ+r=>;sوlnAZ|YkU[_l O{uHYz>54Y0ѨJj=2OGPY$Y.tp~F x훨-4K;RH }xyp%#,+RY4 M6ȌSHu t~sE']6kiJ5f!`F`u{n6 @kiFkPYT`k6R\ 9lb)6B̄H )&7%#~&,)|yU>EtBAyq>]U${3BDȭ`g@qE !\JZ!}! g|8U%K5bO|૶yxpvwެ/Uմީ-~iEw9ui>^uHwN>_C EhYf7-vIћc^ۍMUf_ʮV1p-~qj0B m] :VP|< }0tD6/3jYsvi(| I}Цޡ:5MH/0i|V834Cuӹݰ=Wԇ9,vD5i-DCw 0Ie&3 yK Νdrko͠~(wEHi>X^0 vjp.HpyY?9@]qksB7}wojkii#1).%w2J}g>] cRRV$C{ hI#r Bг,`@o!``[ww$]V+I+ZeD8TnOu$9gV ڹLXQY,p[/ ͙JRdYU Q򍜈="`&Qea*0pRx5Qזm7+eTڭ5>Mz:㱩y@ == 3ܴ ҆%Llai`2Ґ(sԟxF~ h?HuK:\f3|fZ1k`Jaw4TYnLSS R g?fx0-qڛ:w準I"9`*,qrdžfXi8gNl~|FpIN3_hy>grGֶLo%@W|z].z: %r% 5kb$T`CL W "CɣQHl - v6:6pȞc}nPK-eUVvOLYZf'do#:Ѐap:pHE&@|Z48 y| *OF15[ (:T#;$ftW߀Ē,C>PÍ{c?4]efX1{h'0C \e_'wK0+1SlcSxt$ bݙ7PJj¹1`1}YvMtAkߙ, 0ɢM{8GԿA.iYOTW WI jf h> !枏 Kӥe ֟#n71fIafzžiJ}QVKk=jPm^لHBdDtݡk;J8KP>*fOLKόeesViV))]%f0А:nM";<\6YdE3p3L};L;#0\]>w6Ë HkŎr l{Q&!,`t:W.bWa݅l./]>lf#<,Qhn1] >qDv=h jⲏqĺqK*Z,T i3FɁ㚺/ksO3y>FUUһ<@̙UQ2B;b`"mʹMspIy1gNXe0LvZ_kAqfZ4ھU.R`U!WTQ_>O3(~ TCylRtA&aT˲\\yTGmFr^U%f萋QDp]FEmR…3%!2hs!sp:'S6PFͧzje!I#̸yF0×wgo@@l;Zik.ŒtH/2y1`2I0{`u\%]-XǏ5 ZLT!7ZjiT*7ʒx 2aU$¾-ӧG3}3݀L)߱q놚1&)TJ%z^+%0 97 pu ( Z^ݣ, "d0ZMw`?'z *vBs:Q<&ьR!,9Je&_/$[ yr}c, ,"zj+.=2 x\3\|hqL l_~ن^ߗ%&bn* }J~Zg'7>hRtt@o,+?~ NHb{}=X 8wt_\et{{Awv'0ި[.5. J݋οHuUő=otp-z K2m&A)hvQ:ZnWO+QDuᳳ R`f{ѰAo0 8awŏ퓳EGJ:7]jtKKAVC&yRb}b%_JjpVK,BrcQ{@s`NCeNx>HАݚ-p溟8#M Plؓ9ʇoc$mǶv+ݻw~Zw[q*ApMG<L>?+dc:M"IQUKRF/"2NIJa+:K9z `M#}9JfzӼ4hAxnlOoC]pb^s>1~5?ifҰwߍ /;w}w6+R!EkEwWVd/.%E M OKt1Z/٦;H?V !bi4V3XTdO#@/u,vk)h2> A#؞qabLpx2F'keuw-kS'gSc=/HF#xk&,-G@|PX0\f> V2?'!IZܱSo,*ߞ1;+Nڊ z™+kꈧ x&5U)&5ŗ!%O4y˭0L LP »'Vxne86[b4[05| ttfڰJ[~NK5;0WZ0UUbݱ9ƒ!\q=aQއiѩꉘ{GG'sdyt=4֕_|XPˍQ`]/F8.Q2,vQh;R%m_ryu GN<<<:r+_b.9u| 4'4#lS(:Rz?4EsbfzpKc PaYe"Ru2>zG${d(΁,S{I)X,=&.ND(}gtI̖-Mxg0\B4AW O;i,OyMi2Pq 8Vc"YN<# yjGQ?eFSbCbP0*T;. J=ITyjDvdIJ]y"BA j)q"sέ{\߭4~_ѨWnZ(}=;:uS HJf(P={eiJlI6xԖKcǓѕrii`4`וFMq(6<>>>>ժRiԟSUKVYvwAw:X>xOzv>v-ə6=z H+r]t5Z5| ^7 fhM nø_^=Yt#==rww9$b=i> gYԘ/4 A5nꚜP~mKZE'vƗha0t}yC$D @$ "!5ynyr-ӓ(zF5yt7RB{J<ms+>8Kkpv<$a0d.|^[bG;xmL[뾹W_j"[j9.H@pJ!:^Fxs,C3ke9/4S KWt2CtB'тݎ-u5unDžC@&1 ųcGnw$M"y[BGK@Y=_=}%u^2,F& B۸(ޡ@~T_M%п O>h T:W? CM;";";";"9"wU[vD.םbxY7].˲,n3-X c=ªN$J {CX_f~2n+ut kDK_[뇶05@$g,\] fF@\RD~+.s]a ,0c H|]<LZY% €1'{oT|X)K ci~^_FɁG}<0ږ;hOw>i$C$&pP]?z Uclcf\5^[i簽;JNeũ߱ExHQvJQT.jg56Jv!i3OI}bTxP$o/ :ä'LCG4«#S\03/0q_nM׃ELǔuTǏ[ 's:^[!0G&YHƵ 1pS\^G[q'H|C<[ƏD\^٭)z]kN9-i/; o2n?]*? DW!)KX5Xm~>dׄ  g*Dz'q+h.H"j\De+0-g;0A#샒=%huD?n!,q(Ds+{?:nx& R0_(1vH'p.$XDPaRqKIӲfzA0lsh*b4BM;)Ҍ>&ƘKjxf쪫%*;XuZ˘xf@]3&2MEU6'a)fF<{y ,| 3(U2G :s[g|2֢@ eˡWq-Ÿެ5܍4&1P ɔ8&h~, 㽹W՘% "lnAΜWD ]%F\j5՜tg)6APvWu)b +K-^a>UU'd[[k4 잃%0]ĄsF ~ d  DŽk)JUfwܠ~z*ڟODeh^f#nkv?5 UPD8AAmkZtMx+5 )IoH H]YFBP0\';fu3ta/6 v^hb=ʽ&.4>(4GT@ COwE)d7cr\-=p٥O<|ɧtC{)B|1#!+A1H3v:X~7;.ʮRtHE Ft83[*IF2*mG&~I79t-i`Ik@Jx&9[qb1Ř!c(i͈֜ iurvX;Q ׽dbWoP$P`+wdcb|9Od $0XJ.JeEt03w  s!Q)%nmn$|s 6Xh0usXc- .E.ӻa8x\м/nF 33D f):.l l9 :jeG g >򽉑;0us[ cRC´vxҨ<>& .ycI ^yN4[L/ MO u;5u_F`p3W Vj]OBӡRs]j5q]]xCĠYSf/c"\iBR. ?hR W;Pɺk;$͈u0!XV39]69tHA{9.Aw} HGݨ;χ݋UbPhj5?Bƫx]j1r;ZTmx9j0}P鳷 p!>Ew:һZIk%wgg9CNPkN_eS9=(#ˏGC(?.?P1[hv˻GV(g9nN? P9 ٮu3>y<><@99y^ ?唟BiN?9P~S{3 ?9sw3~=/=?/9q /s_\O997+#O9}}ʡ5_^55u%:Iʙ#gK\8=jW ~@_կ<8|sYM~vï5X^йV. ϑsܿw2~2A^ aqʍ%|I}%kgV[OrPKȣ_ ^敽Ie#xEqB+gل@CX{#u+Jݓs+z`~J\]Mb}+r>VD=m4bMdG,D<mJ91baOd_kE0{ %]#=D~(Ksҗe.os?bj4YQ6=P7].6tpSn%/+0KO[3zTxZ\ڎvڝGfeU]2"Z;Yo%P/#I:y}³2Sw١Gh /O WYJ-Kaġ_${yif4g &H}6ltC{>k'K{*8Mߜ:I< RK,^ ,޻vZ{h~34]Mo4pޣ6&3O3ebHHUJZj^ ?n'WHd6=!"(te|%YUdA.'jnR,.g^9Q(Fuo篛*F0fz!OJ14c­dKbp E?&G'&ElM^ʘ,,$ unQKpR+x;J(q roHTBOkkq=v XI N?ǼiǤi!df:GDxTtSLijaŽ @&YLAɁ (W k8r#Qt#byyy ůa&MXnXP+[7>ވ'DbtA>H_,mgrlCk:fܙ%O_;jfg?>˹I Ǝ$z #߀93r^ɡ=y$>},.q""kH "s{B|%؄wZ}J]gBZ#&w ł" HaC6zK2jQwh}rXs]eM"m,w?cP4vwBjt$,ᗒڈY{N6 )4Mϫ΢YS$.J˺q+0\d~̲`ncO@Kx.^| (g\|i+_D=\׆)O"nty9=|In[zQ[ۗ@1a璧^fWҎ_7. ?^!t#R.܋OFې)0XPy747<'l`IeR =Kk<LCc? `fwlf@OeΝƌQYɶ]:d2- k#6 woaf:γ@W (|x@loM^5.>2z l|_Odxƪ~axh='з57b(Q| Ӽˍt/A.sl2qe[ !ˍK-ˬ9s¥"UXHLX,8. sfu)Q 9.9B<om3+ot%(o`;ЩAA\NXe܌1a#MkhT[/l*SoߩnxaS_<t#CP1M1?&Il=9a|X ^|޹+/`2kuz/p2$82#" $8jo.-Ŭ0&|iE-㨤t`C v_-~ph?g3}"@a)5z`Ʉ~3 f<˜4W6QĶqyn5ұLˡ>S>5 3 .^S ?ӽF5FElT$¨Bx,9.Z0~ 9\\Khc{żpff#3{ ;τ T4}*]x O0QdWPRэX -fE%ZqpR!C795IT}˦GN܌aBar iL%l S^޳hb'/bA-r*r*]xD4;N7/sO{ |I>":xqea =V\r*`wҝX[EsB({}=C*'UN'}B=FBl4*ם`oEaw#KoxAUőh,=P$;N޻lu/N/==[P6 r9F˳`bhP7]hZz'1l4ɋmEg,3lW'JQ^>ۭwߺ"f/Oa6%c|NVKI+.^~)Mj39Q/;V&|Z2c{͵N_ lm`'