Understanding Change Management




The importance of change management
Enterprise Security Series White Paper
Publication Date: Aug 30, 2007
8815 Centre Park Drive, Columbia MD 21045, 877.333.1433

Abstract

The purpose of this document is to help users understand the concept of System Change Management and to introduce WhatChanged for centralized change management. WhatChanged is the Change Management component of EventTracker.

The information contained in this document represents the current view of Prism Microsystems, Inc. on the issues discussed as of the date of publication. Because Prism Microsystems, Inc. must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Prism Microsystems, Inc. and Prism Microsystems, Inc. cannot guarantee the accuracy of any information presented after the date of publication.

This document is for informational purposes only. Prism Microsystems, Inc. MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT.

Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, this Guide may be freely distributed without permission from Prism, as long as its content is unaltered, nothing is added to the content and credit to Prism is provided.

Prism Microsystems, Inc. may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Prism Microsystems, Inc. the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.

The example companies, organizations, products, people and events depicted herein are fictitious. No association with any real company, organization, product, person or event is intended or should be inferred.

© 2008 Prism Microsystems, Inc. All rights reserved. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Prism Microsystems, Inc. 2

Overview

Ever wonder why the PC that was working perfectly before is suddenly misbehaving? Ever wonder what changed when you did nothing and suddenly things no longer work correctly? Ever felt the desire to simply go back to a previously working configuration?

The file system and registry of a networked PC today change constantly and, in most cases, invisibly. The change may be voluntary or involuntary, harmless or harmful, but the change is always a mystery. Often these changes lead to incompatibilities and applications simply cease to operate, or in the worst cases you get system downtime. Either way, a great deal of time is spent puzzling out exactly what happened or, really, what changed.

An average system administrator spends around 80 to 90 percent of his system/application troubleshooting time on problems that are caused by change. They spend only around 10 to 20 percent of their time on severe problems like an OS crashing or other hardware-related problems. If a tool can provide change data in a user-friendly manner, then an average system administrator can save a large chunk of his day on minor troubleshooting and channel his energy into more constructive tasks.

On servers, nothing other than data files, log files and error files should change outside of managed maintenance windows without careful review and documentation. A minor change that would merely inconvenience a user on a workstation can, on a server, cause an entire department to suffer lost productivity. What is required is a tool that can both monitor what has changed on the system and alert on changes that are prohibited by policy.

EventTracker and its WhatChanged for Windows component from Prism Microsystems, Inc. is a must-have tool for every critical server and desktop. WhatChanged helps you understand the changes that have occurred on a computer's file system and registry and provides you with a lifeline to restore it back to a working configuration.

Using Change Management

- Be in control of all critical systems/applications.
- Analyze the change data to quickly identify and back out faulty changes.
- Identify and cure your systems of new viruses before your anti-virus provider comes up with a cure.
- Have insurance when installing new software or making major configuration changes.
- Enhance security by having detailed information about all changes and accesses.
- Reduce dependence on human input to diagnose and resolve system/application problems.

What is Change Management?

The file system and registry of every Windows system are ever changing. This change may be voluntary or involuntary and happens quickly, often without the user's knowledge. Under the current Windows OS architecture there is no easy way for the user to understand change, identify change and recover from change.

Change Management is a concept by which all system changes are intelligently tracked and reported on demand for the user to analyze, understand and, if needed, recover from. The advantage of change management is that it provides the user insurance against change that could be harmful.

During the course of a day there are thousands of changes happening on your Windows systems. By using an effective change management solution you can view changes with only the critical ones highlighted and with the non-critical folders and registry hives filtered out. In short, change management is a process by which the user can monitor, analyze, understand and recover from change.

The WhatChanged Component

WhatChanged works by taking periodic snapshots of systems (file system and registry) and comparing the latest snapshot with any of the previous snapshots. Snapshots can be scheduled to be taken automatically or taken on demand. The timing and frequency of automatic snapshots are configurable. A centralized console provides a single window for monitoring changes on all systems in an enterprise. WhatChanged is a must-have tool for any organization that needs to proactively manage change on their Windows 2000/XP/2003 machines.

With WhatChanged you have the following key benefits:

- Provides system change data in an intelligent manner, highlighting changes and filtering out non-critical folders, files and registry hives.
- Has a centralized console to monitor changes on all systems in the enterprise; it also provides a Client Manager that assists in the Agent deployment.
- Provides a powerful option to analyze, detect and prevent the spread of new viruses.
- Reduces fault diagnostic time.
- Reduces Total Cost of Ownership (TCO).
- Improves control of critical systems/applications.
- Enhances security.
- Provides insurance against change.
- Provides a 24x7 tutor that can help you understand your systems.
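The snapshot-and-compare approach described above can be sketched for the file system half as follows. This is an added example, not WhatChanged's own code: the function names, the EXCLUDE and CRITICAL pattern lists, and the use of SHA-256 hashes to detect modification are assumptions made for illustration, and the registry is not covered.

```python
import fnmatch
import hashlib
import os
import tempfile

# Hypothetical policy, constructed for this example.
EXCLUDE = ["logs/*", "*.tmp"]               # non-critical paths filtered out of reports
CRITICAL = ["config/*", "*.dll", "*.exe"]   # changes here are highlighted

def _matches(rel_path, patterns):
    return any(fnmatch.fnmatch(rel_path, p) for p in patterns)

def take_snapshot(root):
    """Return {relative_path: sha256_hex} for every regular file under root."""
    snap = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            snap[rel] = digest.hexdigest()
    return snap

def compare_snapshots(old, new, exclude=EXCLUDE, critical=CRITICAL):
    """Diff two snapshots; drop excluded paths and flag critical ones."""
    changes = []
    for path in sorted(set(old) | set(new)):
        if _matches(path, exclude):
            continue
        if path not in old:
            kind = "added"
        elif path not in new:
            kind = "deleted"
        elif old[path] != new[path]:
            kind = "modified"
        else:
            continue  # unchanged files never reach the report
        changes.append({"path": path, "change": kind,
                        "critical": _matches(path, critical)})
    return changes

def demo():
    """Build a constructed sample tree, change it, and return the change report."""
    with tempfile.TemporaryDirectory() as root:
        def write(rel, data):
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "w") as fh:
                fh.write(data)
        write("config/app.ini", "timeout=30\n")
        write("bin/helper.dll", "v1")
        write("logs/app.log", "start\n")
        write("docs/readme.txt", "hello")
        baseline = take_snapshot(root)

        write("config/app.ini", "timeout=5\n")             # modified, critical
        write("logs/app.log", "start\nmore\n")             # modified, but excluded
        write("bin/dropped.exe", "new binary")             # added, critical
        os.remove(os.path.join(root, "docs/readme.txt"))   # deleted, not critical
        return compare_snapshots(baseline, take_snapshot(root))

if __name__ == "__main__":
    for c in demo():
        print("!!" if c["critical"] else "  ", c["change"].ljust(8), c["path"])
```

Storing each snapshot (for example as JSON) rather than diffing in memory is what allows the latest state to be compared against any earlier baseline, not only the previous one.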

The WhatChanged architecture

The WhatChanged architecture consists of two main modules, namely the central Console and the Agent. The Console in turn has four components: the Console Service, the Console GUI, the Client Manager and a backend database that stores enterprise change data. A typical deployment of WhatChanged can include one Console and multiple Agents, with an Agent installed on each client machine. The WhatChanged architecture is shown in Figure 1.

[Figure 1. WhatChanged Architecture]

How WhatChanged benefits an organization

WhatChanged provides an organization with a strong handle on managing the Windows systems in their enterprise. The key benefits include:

1. Increases system availability by reducing downtime. System downtime causes significant losses in customer retention, brand reliability and, most importantly, revenue.
2. Reduces support response time. The support staff will be empowered with change information about the system. The WhatChanged change view restricts the data shown to only changed folders/files/registry, reducing failure isolation time and problem resolution time.
3. Reduces Total Cost of Ownership (TCO). TCO will be reduced drastically when system downtime is reduced. Reducing system downtime means higher availability of help desk staff for other tasks and better utilization of the technical staff that uses these systems, besides enabling higher system availability.
4. Enhances security. WhatChanged can provide you with detailed change reports that can help identify breaches in security.
5. User-friendly reporting. Provides flexible and user-friendly reports highlighting critical changes.
6. Provides insurance. With WhatChanged installed you can be confident when installing new software or making major configuration changes, as you have information available that can help in reverting to a good configuration in case of any problem.
7. Enterprise-class solution. When combined with EventTracker, WhatChanged provides an enterprise-level system and network management solution.

Solve complex problems

The following section provides examples of typical problems that customers are able to solve using WhatChanged.

Problem: Our Oracle server was running fine till last week. It is up and running now, nothing seems obviously wrong but users complain of connection breaks in mid-transaction. We have not changed anything as far as we know and the problem is intermittent and not readily reproducible. Which vendor do we call? We tried Oracle, Microsoft, our hardware vendors, software vendors too, but as we don't know exactly what happened or what caused it we can't really get much help. Our IT staff has wasted incredible amounts of time on this.

Solution: In minutes WhatChanged provides a view of exactly what changed between last week (when it was working) and now (when it is not working). You can educate yourself and formulate your own plan to attack the problem with better knowledge of what has occurred.

Problem: My manager is a power user. Out of the blue, a problem has occurred with their PC and they are getting cryptic error messages when sending emails. Need to get to the bottom of this quick. They think the system settings are somehow changed but which ones?

Solution: WhatChanged to the rescue. View the system settings change history and restore working system settings in seconds.

Problem: Our IT department supports >2000 users. Often users do not provide sufficient or accurate information on the problem. Impatient users are harder to deal with. It takes longer to first diagnose and then correct the problem. User satisfaction and timeliness of resolution is poor. We constantly feel understaffed and resort to expensive consultants to cope.

Solution: As soon as a user calls with a problem, view the change history of the user's machine right from your own computer. You can then ask all the right questions and often resolve the problem while the user is still explaining the impact. Increase user satisfaction and decrease time to respond.

Problem: A user reports that they are unable to access services on the server. A trained IT professional goes through troubleshooting and eventually figures out that some services are simply not starting. He calls vendors but no ready answers are forthcoming. Luckily a backup is available but the only way to recover is to restore the whole system disk, which requires significant downtime and a night of testing.

Solution: With WhatChanged you can restore the registry to a known working state in a few seconds. Find out which files were changed, added and deleted. There is no reason to recover the whole system blindly. In many cases there is no downtime and you can restore only those files from the backup which were changed or deleted.

Problem: A new virus strain has infected some of your systems.

Solution: WhatChanged, as a companion to antivirus software, can detect changes to the registry or the file system on multiple systems from a central location. Look for patterns of change and detect and quarantine affected systems quickly. Save critical downtime.

Problem: We sell new computers. We build good machines and provide quality support. Preshipment testing has minimized DOA cases. However users still call us with problems. In this competitive market, our profit margin is wiped out if we spend a lot of time supporting the end user. Is it something they did? If we don't respond, user satisfaction is poor but if we try and support them and it takes a long time, our margin is compromised.

Solution: Include WhatChanged plus a snapshot of the original configuration with the shipment. Figure out what has changed since shipment. Convert a large number of one-hour support calls to five-minute calls. Increase customer satisfaction without compromising on margin.

Problem: Hundreds of users at work end up installing junk, incorrect versions or unlicensed products. We could police them but it will take a great deal of time on our part and power users will get annoyed.

Solution: With WhatChanged you can monitor software installs remotely and decide to take action if necessary. This keeps power users happy while still retaining control.

Problem: We have less than 200 users. We are fully aware that knowledge and expertise of IT staff is key for system availability and TCO, but each IT resource has very broad responsibilities and training for all IT employees is expensive and we can't afford it.

Solution: WhatChanged enables you to see what changes a modification or a new install makes to the system, and provides excellent insight into the underlying system. This can help you transform your good IT staff into the best.

Problem: You installed a software package only to find that another key application stopped working. You uninstalled that newly installed software but your key application is still not working.

Solution: As you install the new package, WhatChanged automatically reminds you to take a snapshot. If the new install doesn't work out and the uninstallation does not fully recover the system, the snapshot enables you to recover cleanly with little effort.

Problem: You are always hesitant to change key parameters. Consequently, you are reluctant to try out changes your instinct tells you will solve a user's problem, as you are worried you will not be able to recover from the change, and the problem will get worse. This slows you down.

Solution: WhatChanged enables you to take new snapshots before you make any changes. Give your instincts free rein to solve user problems; you have insurance!

Summary

Modern-day businesses are heavily dependent on their IT infrastructures to maximize profitability and customer retention. System downtime is a major cause for concern, and an effective Change Management solution is valuable for increasing system availability. WhatChanged provides an ideal solution for centralized change management and system restoration on your Windows servers and workstations. It eases the burden on the support staff and ensures that problems are either averted or solved in minimum time.

About Prism Microsystems

Prism Microsystems, Inc. delivers business-critical solutions to consolidate, correlate and detect changes that could impact the performance, availability and security of your IT infrastructure. With a proven history of innovation and leadership, Prism provides easy-to-deploy products and solutions for integrated Security Management, Change Management and Intrusion Detection. EventTracker, Prism's market-leading enterprise log management solution, enables commercial enterprises, educational institutions and government organizations to increase the security of their environments and reduce risk to their enterprise. Customers span multiple sectors including financial, communications, scientific, healthcare, banking and consulting.

Prism Microsystems was formed in 1999 and is a privately held corporation with corporate headquarters in the Baltimore-Washington high tech corridor. Research and development facilities are located in both Maryland and India. These facilities have been independently appraised in accordance with the Software Engineering Institute's Appraisal Framework, and were deemed to meet the goals of SEI Level 3 for CMM.

For additional information, please visit http://www.prismmicrosys.com/.