Achieving and Maintaining Federal Compliance


Published on

For more information on NCM, visit:

For more information on LEM, visit:

Regulatory compliance is an issue that government entities deal with on a daily basis. Whether you must comply with the DISA STIG, FISMA, HIPAA, or any of the other requirements, SolarWinds can help. In this webinar, we look at how two of our flagship products can help get your network up to the required standards, keep it there with little effort, and generate the reports you need to prove compliance to regulatory bodies.

SolarWinds experts will demo the compliance features built in to Log and Event Manager (LEM) and Network Configuration Manger (NCM). Additionally, we will have a special guest who lives and breathes compliance on a daily basis to give the customer’s point of view as well as some helpful insight into real-world best practices.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Achieving and Maintaining Federal Compliance

  1. 1. Achieving and Maintaining Federal Compliance A Discussion of the Challenges and Solutions 01 NOVEMBER 2011 IT Management Simplified Copyright © 2011, SolarWinds Worldwide, LLC.  All rights reserved.
  2. 2. Federal Compliance Hosts Josh Stephens – Head Geek and V.P. Technology Rob Johnson - Log and Event Manager Application Engineer Eric Hodeen – Sr. Network Engineer, CourtesyIT ® , LLC Producer Catherine Jackson
  3. 3. Agenda <ul><li>Introductions & Housekeeping </li></ul><ul><li>The Compliance Landscape </li></ul><ul><li>Compliance in the Federal Environment </li></ul><ul><li>Manual Compliance Methods </li></ul><ul><li>Use of Automation </li></ul><ul><li>Logging and Configuration Management </li></ul><ul><li>Panel Discussion </li></ul>© iStockphoto
  4. 4. Introductions and Housekeeping <ul><ul><li>Today’s session will focus on federal compliance requirements and solutions. </li></ul></ul><ul><ul><ul><li>We only have an hour. </li></ul></ul></ul><ul><ul><li>Ask questions! </li></ul></ul><ul><ul><ul><li>Don’t be afraid to ask deeper questions. </li></ul></ul></ul><ul><ul><ul><li>Don’t wait until the end – ask away. </li></ul></ul></ul><ul><ul><ul><li>Panel discussion for last 15 minutes. </li></ul></ul></ul><ul><ul><li>Today’s session is being recorded. </li></ul></ul><ul><ul><ul><li>Recorded session on </li></ul></ul></ul><ul><ul><ul><li>Slides available on </li></ul></ul></ul>
  5. 5. Types of Compliance by Industry <ul><li>Today’s Compliance Landscape </li></ul><ul><li>HIPAA – Medical Privacy and Security </li></ul><ul><li>SOX- Financial Accountability </li></ul><ul><li>PCI – Card Payment and Processing Security </li></ul><ul><li>DISA STIG – Army Security Requirements </li></ul><ul><li>FISMA – All Federal Sectors </li></ul><ul><li>Several Others from Local to International Level. </li></ul>© iStockphoto
  6. 6. The Complexity of Compliance <ul><li>Size - Thousands of Pages of Requirements. </li></ul><ul><li>Moving Target - New and Modified Regulations. </li></ul><ul><li>Breadth – Involves Thousands of Systems and Software. </li></ul><ul><li>Time – Not a Quick Process, Precision is Key. </li></ul><ul><li>Certification Processes – Final Roll-out. </li></ul><ul><li>Maintenance – Must be Kept up to Date. </li></ul><ul><li>Monitoring and Audit – Prove it! </li></ul>© iStockphoto
  7. 7. FISMA Requirements <ul><ul><li>System Inventory </li></ul></ul><ul><ul><li>Risk Assessment </li></ul></ul><ul><ul><li>Categorize by Risk </li></ul></ul><ul><ul><li>Security Controls </li></ul></ul><ul><ul><li>Security Plan </li></ul></ul><ul><ul><li>Certification </li></ul></ul><ul><ul><li>Maintenance </li></ul></ul><ul><ul><li>Monitoring </li></ul></ul>© iStockphoto
  8. 8. DISA STIG Requirements <ul><ul><li>OS and Application Security </li></ul></ul><ul><ul><li>Network Security Design </li></ul></ul><ul><ul><li>Wireless Security </li></ul></ul><ul><ul><li>Access Controls </li></ul></ul><ul><ul><li>Certification </li></ul></ul><ul><ul><li>Maintenance </li></ul></ul><ul><ul><li>Monitoring </li></ul></ul>© iStockphoto
  9. 9. FISMA and STIG Challenges <ul><li>Challenges of Manual Compliance Methodologies. </li></ul><ul><ul><li>Building the Complex Systems. </li></ul></ul><ul><ul><li>Time to Compliance. </li></ul></ul><ul><ul><li>Maintenance of Disconnected, Moving Parts. </li></ul></ul><ul><ul><li>Manpower Requirements. </li></ul></ul><ul><ul><li>Rush to Ready for Audits. </li></ul></ul>© iStockphoto
  10. 10. Log Based Compliance Solutions <ul><li>Log and Event Manager ™ </li></ul><ul><ul><li>Correlates thousands of data points to discover issues </li></ul></ul><ul><li>Ease of Use Features </li></ul><ul><ul><li>Automated active response </li></ul></ul><ul><ul><li>Built-in compliance rules and reports </li></ul></ul><ul><li>Performance </li></ul><ul><ul><li>Real-time correlation </li></ul></ul>© iStockphoto
  11. 11. Log Based Compliance Solutions <ul><li>SolarWinds Log and Event Manager </li></ul><ul><li>Live Product Feature Presentation </li></ul>
  12. 12. Configuration Management Compliance Solutions <ul><li>SolarWinds Network Configuration Manager ™ </li></ul><ul><ul><li>Inventory, configuration, security and policy management </li></ul></ul><ul><ul><li>Multi-vendor support </li></ul></ul><ul><li>Ease of Use Features </li></ul><ul><ul><li>Automated config backups </li></ul></ul><ul><ul><li>Builtiin compliance rules and reports </li></ul></ul><ul><li>Performance </li></ul><ul><ul><li>Real-time change detection </li></ul></ul>© iStockphoto
  13. 13. Configuration Management Compliance Solutions <ul><li>SolarWinds Network Configuration Manager </li></ul><ul><li>Live Product Feature Presentation </li></ul>
  14. 14. Compliance Panel Discussion <ul><li>Panelists </li></ul><ul><li>Josh Stephens, VP Technology, SolarWinds </li></ul><ul><li>Rob Johnson, LEM Application Engineer, SolarWinds </li></ul><ul><li>Eric Hodeen, Sr. Network Engineer, CourtesyIT ® , LLC </li></ul><ul><ul><li>Ask questions using the webinar Q&A feature </li></ul></ul>
  15. 15. Summary and Q&A Thank you for attending! To learn more or to download free 30-day trials of SolarWinds products visit: Contact information Josh Stephens, Head Geek [email_address] twitter: sw_headgeek Blog: Copyright © 2011, SolarWinds Worldwide, LLC.  All rights reserved.