This paper outlines the nature of infrastructure integrity, change auditing, and compliance solutions. It describes how an investment in configuration assessment and change auditing solutions can stabilize IT operations, lowering the operational costs associated with the IT infrastructure; be a force multiplier; and provide a solid foundation that increases the effectiveness of the investment in information security.
mo W H I T E P AP E R c.c di.w O p t i m i z i n g I n f r a s t r u c t u r e C o n t r o l ww Sponsored by: Tripwire 5104 Charles J. Kolodgy Gerry Pintal .539 June 2008 .805.F I N T R O D U C T I O N 0028. IT environments have become complex infrastructures that are increasingly more 278. difficult to manage efficiently. The strategic and tactical human capital required to 805 administer, maintain, and protect enterprise computing systems is consuming .P corporate resources at an ever-growing rate. Some would contend that providing AS coherent management and accountability is a losing battle. Nevertheless, the battle to U 1 implement an IT infrastructure that provides a high degree of availability, security, and 071 regulatory compliance is being fought by corporate enterprises. 0 AM , During each stage of progression in distributed computing, new dimensions in ma features, functionality, and capabilities have been introduced and made available to hgni users. One of the emerging technologies that is both a boon and a bane is mar virtualization. Virtualization not only will provide considerable flexibility to enterprises F t but also will complicate infrastructure manageability. As a consequence, an entirely eert new set of risk factors has come into an already complex IT picture. IT organizations S n are dealing with a staggering number of issues, including: eepS 5 ! Rolling out new and enhanced systems and application software and maintaining :sr legacy applications across an increased number of systems etrauq ! d Vastly expanding the IT infrastructure via virtualization aeH la ! Proving compliance with industry standards, best practices, and a multitude of bol government regulations G
! Reducing and eliminating system and configuration vulnerabilities
! Providing staff training and dealing with staff turnover
Each of these critical areas is in a constant state of flux, with a constant barrage of new innovations and products. As the benefits of progress afforded by new IT infrastructures are realized, so too do the downside consequences emerge. To meet these issues head on, IT managers must build a solid foundation upon which a coherent, secure, and functional IT environment can be deployed, maintained, and updated. The keystone of that foundation is optimizing infrastructure control by maintaining systems integrity.
M E T H O D O L O G Y
IDC produced this white paper using a combination of ebusiness and security market forecasts, quantitative customer surveys, and direct primary research. To understand the most important issues challenging implementers of management policies, tools, and practices, we conducted in-depth, qualitative discussions with CTO/CIO-level experts, exploring the issues and challenges they found most pressing. In addition, designers and implementers of IT infrastructures shared perspectives on the practical issues involved in designing and maintaining the establishment and management of efficiency within the IT infrastructure. This document reflects these research perspectives.
I N T H I S W H I T E P AP E R
This paper outlines the nature of infrastructure integrity, change auditing, and compliance solutions. It describes how an investment in configuration assessment and change auditing solutions can stabilize IT operations, lowering the operational costs associated with the IT infrastructure; be a force multiplier; and provide a solid foundation that increases the effectiveness of the investment in information security. A specific focus is taken to describe the dynamics of optimizing infrastructure control and outline the unique solutions provided by Tripwire.
P E R S P E C T I V E S F R O M T H E " F R O N T L I N E "
Competitive business pressures, reduced time to market, regulatory compliance, and innovative methods of reaching customers, vendors, and partners all create constant IT change. This constant stimulus makes quality of life a challenge for IT managers. T h e I n n o v a t o r ' s D i l e m m a
IT infrastructure has grown to nearly overwhelming dimensions. As one veteran IT manager put it:
It used to be that you could ask me anything about my system — the IP a... [download for more]
