Elemental Compliance System 1.1 leverages the end point
The days of simply providing a user name and password for network access surely are numbered. Pursuing the new grail of policy-based access control, the ECS (Elemental Compliance System) Version 1.1 is a server-based system that uses small Java agents on Windows, Red Hat Linux, and Sun Solaris hosts to collect system information and to monitor and control all computer access on the network. Based on the details of the access policy, the agent may allow a computer to connect to a group of hosts while denying connections to others.
ECS knows all about each system the agent is installed on. There are literally hundreds of attributes an ECS agent reports back to the server for classification. ECS agents not only run integrity checks on hosts and enforce client-side configuration policies, but also provide a mechanism for managing hosts not running the agent, gathering information about unmanaged hosts and dynamically placing them into an “unknown” group. Managed hosts will then either allow or deny connections from the unknown computers based on the defined “unknown hosts” policy.
I tested this feature recently by deploying the ECS agent on two Windows Server 2003 servers and attempting to connect to both from another PC with valid domain credentials. Because my PC was unknown to ECS and the unknown host policy was to deny all connection attempts, I was completely blocked from my servers.
The ECS server allows you to express policies that govern host configurations and all communications among hosts throughout the network; controlling rogues represents just a small slice of what this innovative product can do. I’ll plumb the depths of ECS’s capabilities in an upcoming review.
Elemental Compliance System V.1.1
Cost: Starts at approximately $100,000
Availability: May 17, 2005
Windows 7 is suddenly telling users it isn't genuine -- and it has nothing to do with Windows being...
Windows users are reporting significant problems with four more October Black Tuesday patches
Microsoft sends KB 2952664 through the automatic update chute for the seventh time -- and still can't...
Sponsored by Nuage Networks
Sponsored by Fibre Channel Industry Association
Project Spartan combines a minimalist look and feel with a rendering engine designed to keep pace with...
Oh, those security researchers, always coming up with exotic new ways to penetrate systems -- but the...
Microsoft has designed Office 365 so that it can be managed by Microsoft's Intune mobile manager only ...
Windows support had been the most-requested feature for the framework, which now also supports MongoDB...