
Host Intrusion Prevention Software: Page 4 of 17

CSA management is performed through a Web interface, and one of its key strengths is its canned policies. We found built-in policies for Microsoft IIS and SQL, standard Windows processes, Apache, DHCP, DNS and many more. Sendmail, iPlanet and Apache policies are available on the Unix side. CSA supports only Sun Solaris and Windows, but the vendor says Linux support is coming this year. For the most part, the management interface kept Unix and Windows policies and settings separate, making it easy to see which policies go to which OS.
Each policy comprises multiple rules. A rule specifies whether to allow, deny or query the user for access to a resource. The "query user" action is used chiefly for desktop control. We could set rules for network, file or registry access, as well as for restarting services, limiting connections per minute and specifying which applications a process can run. For example, we denied FTP servers the right to execute command shells by creating a deny rule for the application class "FTP servers" accessing $command shells. An application class is a list of potential processes grouped together logically; here we specified all the FTP programs we used. If we wanted to install a new FTP program, we'd simply modify the FTP applications macro, and that app would be added instantly to all policies that reference it.

We could create macros for file groupings, network addresses, services, registry entries and COM components, and they can be used at multiple levels. It took us less than 10 minutes to understand and appreciate this flexibility. Platform Logic offers a similar feature, but it's not nearly as easy to use.

Next, we set up groups. A group is a collection of machines and associated policies. CSA let us combine multiple policies into one über security policy. We created a group called "IIS-DHCP" and associated our built-in IIS and DHCP policies. We then created a custom install agent to register the server into this group automatically. We could even download the installer directly from the management station via HTTPS. After we installed the agent, the node downloaded its policies, and we were good to go. Our only nit: We'd have liked a tree view of the groups. As it is, we could look at only one group membership enrollment at a time.
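To make the rule, application-class, macro and group model described in the preceding paragraphs concrete, here is a small policy evaluator written for this article. It is an added illustration, not CSA's code or its real policy format: the class and macro names, the "ftp-hardening" and "desktop-control" policies, and the host names are constructed, and the merge semantics (all policies in a group are combined, the most restrictive matching action wins, unmatched access defaults to allow) are an assumption made for the example rather than documented CSA behaviour. It shows the property the review highlights: adding a process to the "FTP servers" application class changes the verdict for every policy that references that class without editing any rule.

```python
import copy
from dataclasses import dataclass, field
from enum import Enum
from typing import Dict, List, Set


class Action(Enum):
    """The three verdicts a rule can carry: allow, deny or query the user.
    Values are ordered so that a larger number is more restrictive."""
    ALLOW = 1
    QUERY_USER = 2
    DENY = 3


@dataclass
class Rule:
    app_class: str       # name of an application-class macro, e.g. "FTP servers"
    resource_class: str  # name of a resource macro, e.g. "$command shells"
    action: Action


@dataclass
class Policy:
    name: str
    rules: List[Rule] = field(default_factory=list)


@dataclass
class Group:
    """A collection of hosts plus the policies that apply to all of them."""
    name: str
    policies: List[Policy] = field(default_factory=list)
    hosts: Set[str] = field(default_factory=set)


@dataclass
class Macros:
    """Reusable groupings referenced by name from rules."""
    app_classes: Dict[str, Set[str]]  # class name -> process names
    resources: Dict[str, Set[str]]    # resource macro -> concrete resources


def evaluate(process: str, resource: str, group: Group, macros: Macros) -> Action:
    """Verdict for `process` touching `resource` on a host in `group`.
    Assumption (not from the page): rules of every policy in the group are
    merged, the most restrictive matching action wins, default is ALLOW."""
    verdict = Action.ALLOW
    for policy in group.policies:
        for rule in policy.rules:
            procs = macros.app_classes.get(rule.app_class, set())
            targets = macros.resources.get(rule.resource_class, set())
            if process in procs and resource in targets and rule.action.value > verdict.value:
                verdict = rule.action
    return verdict


def add_to_app_class(macros: Macros, app_class: str, process: str) -> None:
    """Extend an application-class macro; every rule naming it picks this up."""
    macros.app_classes.setdefault(app_class, set()).add(process)


# Constructed sample data (hypothetical names, not CSA's built-in policies).
RUN_KEY = "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run"
MACROS = Macros(
    app_classes={"FTP servers": {"ftpd", "proftpd"}, "Desktop apps": {"notepad.exe"}},
    resources={"$command shells": {"/bin/sh", "/bin/bash", "cmd.exe"},
               "$registry run keys": {RUN_KEY}},
)
FTP_POLICY = Policy("ftp-hardening", [Rule("FTP servers", "$command shells", Action.DENY)])
DESKTOP_POLICY = Policy("desktop-control",
                        [Rule("Desktop apps", "$registry run keys", Action.QUERY_USER)])
SERVER_GROUP = Group("IIS-DHCP", [FTP_POLICY, DESKTOP_POLICY], {"web01", "dhcp01"})


def demo() -> Dict[str, Action]:
    """Show that growing the macro propagates to the policy without editing rules.
    Works on a copy so the module-level sample data stays unchanged."""
    macros = copy.deepcopy(MACROS)
    before = evaluate("vsftpd", "/bin/sh", SERVER_GROUP, macros)   # not yet in the class
    add_to_app_class(macros, "FTP servers", "vsftpd")
    after = evaluate("vsftpd", "/bin/sh", SERVER_GROUP, macros)    # now covered by the deny rule
    return {"before": before, "after": after}


if __name__ == "__main__":
    print(evaluate("proftpd", "/bin/sh", SERVER_GROUP, MACROS))
    print(demo())
```

Because rules refer to macros by name rather than by literal process or path, the evaluator resolves the macro at decision time, which is exactly why the review notes that a new FTP binary only has to be added in one place.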

CSA uses Crystal Reports for report generation. These reports are suitable for printing, but we would have liked hyperlinking to various elements. The alerting engine is excellent. We could configure an event to be sent via e-mail, SNMP, pager or piped to an application. Even better, we could easily correlate different types of events to different people, depending on the server group, event type or affected policy.