By Sean Barry
Did you know that you can extend performance tools’ uses to include systems management? It may not seem intuitive, at first glance, to consider performance management tools as useful for security management tasks. In fact, many administrators’ knowledge of performance management is limited to the built-in Windows Task Manager or the free Process Monitor tool from Microsoft. But these are not true performance management solutions.
The reality is that performance management solutions are software suites deeply integrated within an entire infrastructure. This tight integration enables rich data reporting from across a workgroup, a data center, or a worldwide enterprise. Most performance management solutions have reporting tools that can also give both instant summaries and detailed reports of what’s happening on all systems.
Not surprisingly, when the solution is configured to retrieve security data as well as performance data, the solution’s functionality is extended to become a great security dashboard and reporting tool. That’s the case with most performance suites today. IT professionals want centralized security analysis and reporting across an enterprise, so most software vendors in this space have enabled their systems to provide this feature – either through simple customization or right out of the box.
So how do you configure your performance management tools to serve as a security management solution? Most performance management tools are already being extended to configure any part of a network – operating systems (OSs), routers, switches, and so on.
Its marketing material mostly illustrates examples with virtual machine, OS, and switch management, with various plug – in modules to extend functionality. But a brief look at the interface shows that the solution is much more of a generic configuration framework for configuring and monitoring heterogeneous systems. This same solution allows you to load configurations, execute custom scripts, and even back up, restore, apply, report on, and enforce configuration sets. On top of all that, the suite still does a great job of performance management.
That last point is actually a big differentiator. There are a number of solutions in the IT space that enable server configuration automation. But many of them have limited reporting and monitoring capabilities. Although these configuration monitoring techniques may not be central to performance management (performance monitoring is far more important than configuration monitoring in that space), security management absolutely relies on auditing including configuration monitoring, reporting, and change-control alerting.
Want to learn more about auditing with performance monitoring tools? Read the whitepaper.