Elemental Compliance System 1.1 leverages the end point
The days of simply providing a user name and password for network access surely are numbered. Pursuing the new grail of policy-based access control, the ECS (Elemental Compliance System) Version 1.1 is a server-based system that uses small Java agents on Windows, Red Hat Linux, and Sun Solaris hosts to collect system information and to monitor and control all computer access on the network. Based on the details of the access policy, the agent may allow a computer to connect to a group of hosts while denying connections to others.
ECS knows all about each system the agent is installed on. There are literally hundreds of attributes an ECS agent reports back to the server for classification. ECS agents not only run integrity checks on hosts and enforce client-side configuration policies, but also provide a mechanism for managing hosts not running the agent, gathering information about unmanaged hosts and dynamically placing them into an “unknown” group. Managed hosts will then either allow or deny connections from the unknown computers based on the defined “unknown hosts” policy.
I tested this feature recently by deploying the ECS agent on two Windows Server 2003 servers and attempting to connect to both from another PC with valid domain credentials. Because my PC was unknown to ECS and the unknown host policy was to deny all connection attempts, I was completely blocked from my servers.
The ECS server allows you to express policies that govern host configurations and all communications among hosts throughout the network; controlling rogues represents just a small slice of what this innovative product can do. I’ll plumb the depths of ECS’s capabilities in an upcoming review.
Elemental Compliance System V.1.1
Cost: Starts at approximately $100,000
Availability: May 17, 2005
The transition from command line to line-of-command requires a new mind-set -- and a thick skin
Siri gets smarter. Apple Watch gets much more useful. And is Apple Music poised to kill other streaming...
People who have it don’t want it. People who want it don’t have it. Here's how to go from iconed to...
The Web's security runs on complicated PKI deployments, few of which are implemented correctly, and all...
Solid new version of Windows 10 Insider Preview makes it look likely that Microsoft will indeed hit RTM...
Package ecosystem and graphics are strengths; security and memory management are weaknesses
Self-checkout comes to the food court, with the same mixed experience as at any self-checkout terminal ...