Cognoscenti… The Security Configuration Time Machine.

Cognoscenti not only provides Continuous Configuration Management with a Time Machine look and feel, but also helps drive many of the analytics and data needed to quickly achieve NIST-800-171 compliance. This allows our customers to obtain detailed configuration settings and changes.

Some examples of the detailed reporting are displayed in the images below. This is the detailed insight required to report changes in configuration status, provided at the click of a button. It can be produced for any delta collection within the history of Cognoscenti's service, for the lifetime of a system. The discussion below addresses section 3.4 of the NIST standards, but Cognoscenti, together with the other CCG software products known as CheckMate, provides complete coverage of, and beyond, the NIST and other compliance standards.

What Phen collects through Cognoscenti

Cognoscenti is designed to work from a list of up to the 100 most critical systems in the environment, either provided to Phen or developed and provided by Phen. Phen uses this list to set up and configure Cognoscenti. From the time the system is set up, Phen will utilize one or more TCP protocols (such as SSH, WMI or HTML) to connect to any devices identified in the software. These devices can be OS servers or desktops (such as Windows, MacOS or Linux/Unix) or networking devices (such as Cisco IOS or Nexus, Juniper). Cognoscenti can even collect from printers, managed power devices, or WiFi stations. Cognoscenti can also provide a time machine view and review of firewalls and firewall rules as they change over time (such as Dell SonicWall, Cisco ASA, Fortinet, or Sidewinder).

The Configuration Management Time Machine

Providing a new detailed historical configuration view to pinpoint the specific hardware and software in operation on a given system at any point in its history.

Cognoscenti uses this data to define a unique Baseline for each device, then collects a scheduled Current System State. This provides a historical timeline of the critically defined system. The collected and tracked state includes (but is not limited to) users, accesses, permissions, files, software (installed and versions), configurations, etc. This provides detail down to line-by-line adjustments of the configurations that govern how the system runs or how a specific application is set to run. This can include registry entries on the Windows side, the running configuration on the Cisco side, or actual flat files on the Linux/Unix/MacOS side.

Imagine a situation where an application has a drastic performance change overnight (or, as is often said, "it was fine last week"). What do you have, or could you even purchase at any price, that would provide a detailed analysis of what changed, down to the specific configuration line? You can see all the adjustments to this application that have occurred over the last week, and in what order they happened. You can track this application for the life of the system monitoring.

Questions Phen and Cognoscenti can help answer

  • The system was running fine until last week. What changed?
  • Government shutdown.  We turned off 300 Linux and Solaris systems that were up for over one and a half years.  Lots of changes were put in place in memory, but when the systems were turned back on those changes were lost.  What needs to be done?
  • The <name any application> was upgraded, but the configs no longer work. What went wrong?
  • The production and test environments are supposed to be identical.  They aren't working the same way.  What is inconsistent in the hardware, software and configurations?