RESTON, Va.--(BUSINESS WIRE)--SolarWinds (NYSE:SWI), a leading provider of powerful and affordable IT management software, announced enhancements to its SolarWinds® Server Configuration Monitor (SCM) product. SolarWinds SCM, which works to detect and compare configuration changes to servers, databases, and applications, now integrates a policy compliance engine aimed at helping IT teams simplify and more efficiently achieve compliance and compliance reporting, with an initial focus on the federal space.
While the Department of Defense (DoD) has made managing risk easier by providing an enormous variety of hardened baselines for operating systems, system components, and network devices through Security Technical Implementation Guides (STIGs), it’s still dependent upon IT to help ensure their systems are secure and compliant. Automation is the key to alleviating some of the burden placed on IT teams. SolarWinds SCM, by integrating a policy compliance engine focused on select STIG policies, makes it easier for federal IT pros to automatically check systems and applications for STIG compliance, deliver clear and quick compliance results for auditing purposes, and identify non-compliant elements for more efficient remediation.
“Automation is critical in reducing the compliance burden on federal IT pros’ shoulders,” said Jim Hansen, vice president of product strategy, SolarWinds. “Our 2020 Cloud Confessions Survey found 78% of IT pros reported spending less than 10% of their time proactively optimizing their environments versus reactively maintaining. The latest enhancements to SolarWinds SCM, which were frequently requested from user groups and customers, will lessen the compliance burden and allow IT pros to focus on other priorities.”
SolarWinds SCM operationalizes policy compliance monitoring for servers and applications by tracking their compliance percentage across an IT environment over time. The SCM policy compliance engine currently focuses on DISA STIG policies for Windows® 2016, SQL Server® 2016, and ILS 8, with plans to continue to expand to other policies in the future. Each rule reads a configuration from a file, device, command, registry setting, and more, pulls the needed information, evaluates it against the benchmark, and returns a pass, fail, or unknown. From there, evaluation results can be aggregated to give a summary compliance percentage of a node or a policy. For polices that fall below a threshold, or when an individual rule fails, IT pros are then alerted. Users will also be able to create their own reports and import them into the policy compliance engine.
SolarWinds Solutions for Government
- Pricing for SolarWinds software is available on the U.S. General Services Administration (GSA) Schedule, CHESS ITES-SW, and other contract vehicles.
- U.S. Government certifications and approvals include DoDIN APL, Army CoN, Navy DADMS, DHS CDM DEFEND APL, Common Criteria, and USGv6 IPv6 Tested Registry. Technical requirements include FIPS compatibility, DISA STIGs, and National Institute of Standards and Technology (NIST®) compliance.
- SolarWinds has hundreds of built-in automated compliance reports capable of meeting the requirements of major auditing authorities including DISA STIG, FISMA, NIST, RMF, and more.
- SolarWinds Network Configuration Manager (NCM) provides a number of out-of-the-box compliance report templates installed with the product, and these are designed to help users prepare for an inspection. Other policy compliance templates are available from the SolarWinds THWACK® online user community.
- SolarWinds Server Configuration Monitor
- SolarWinds Public Sector Cybersecurity Survey Report 2020
- SolarWinds Product Certifications Webpage
- SolarWinds Orion® Platform
- Cloud Confessions Survey 2020
Connect with SolarWinds
SolarWinds (NYSE:SWI) is a leading provider of powerful and affordable IT management software. Our products give organizations worldwide—regardless of type, size, or complexity—the power to monitor and manage their IT services, infrastructures, and applications; whether on-premises, in the cloud, or via hybrid models. We continuously engage with technology professionals—IT service and operations professionals, DevOps professionals, and managed services providers (MSPs)—to understand the challenges they face in maintaining high-performing and highly available IT infrastructures and applications. The insights we gain from them, in places like our THWACK community, allow us to solve well-understood IT management challenges in the ways technology professionals want them solved. Our focus on the user and commitment to excellence in end-to-end hybrid IT management has established SolarWinds as a worldwide leader in solutions for network and IT service management, application performance, and managed services. Learn more today at www.solarwinds.com.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks of) their respective companies.
© 2020 SolarWinds Worldwide, LLC. All rights reserved.