|
Wipro used Accent Enterprise Security Manager
(ESM) software tool to monitor the servers. Using
ESM, we managed security policies, evaluated system
conformance with security policies, checked systems
for vulnerabilities or unauthorized privileges,
and provided integrity checks and detected changes
to security settings or files.
ESM has the ability to automate many of the tasks
related to security management, for example, policy
creation and conformance checking. The Scheduler
extends these automated capabilities by allowing
the security administrator to set up several policy
runs over a period of time and leave them unattended,
knowing that they will be run.
The Scheduler will also notify the administrator
via e-mail that the runs have been completed,
and then provide a summary of the security status.
Runs can be scheduled by time every week, or as
one-time runs for special report. The policy run
scheduler includes a calendar and mailing lists
that allow the results to be sent to designated
company officers and other employers.
By using this scheduler the twelve countries
are scheduled in batches. i.e. in every six country
manager is scheduled every alternate week, which
means in each country, manager has two policy
runs in a month. The schedules are configured
to run at 20:00 for UNIX and for NT 23:00 on every
Saturday.
The report generated is then ported in a predefined
format and submitted to the client representatives.
The client's implementation team reviews the reports
every week and takes action to fix the errors
reported by ESM. The effort is to reduce the number
of errors every week and reach a state of no error.
|
