VVL is pleased to be a BMC Strategic Integrated Software Vendor and to exclusively provide Application Compliance ZipKits for TrueSight Automation for Servers.
The Industry Challenge
Both Federal and Private organizations are challenged with significant regulatory compliance requirements. Likewise, they both face substantial penalties when the governance of Enterprise IT is overlooked.
BMC Software’s TrueSight Automation for Servers (TSAS) , formerly known as BladeLogic, delivers a strong foundation for server compliance management. However, application compliance remains a critical gap in addressing this challenge.
Enterprises are often caught in the perpetual cycle of:
- Time-consuming manual evaluation of controls.
- Lack of consistency and prevalence of human-error when evaluating and auditing.
- Manual labor-intensive activities with even evaluating even only a few controls against thousands of systems.
While TSAS provides a fabulous automated mechanism to evaluate a large server estate against technology controls, the reality is:
- Creating complex Application Component Templates is time-consuming.
- Translating controls from a regulatory body such as DISA into TSAS rules is tedious and complex.
- Determining how to perform data retrieval from technology components (e.g. databases) is a non-trivial process.
- Normalizing unstructured data from technology components can be cumbersome and laborious.
- Creating evaluations (rules) is tedious and can be error-prone without best practices.
- Performing constant manual evaluations against IT is labor-intensive and inconsistent.
The Perfect Solution: ZipKits
Accelerate your Compliance
- Plug-n-play: Quickly import the content into your environment and you are operational in just a few minutes.
- Drive strong governance of application compliance through pre-built regulatory compliance packages.
- Pre-validated and tested data retrieval mechanisms for each technology component.
- Normalization of unstructured data is built-in to facilitate evaluation.
- Evaluation methodology for each rule leveraging years of BMC best practices.
Automation = Repeatability
- Minimize labor-intensive manual checks against your infrastructure.
- Scale compliance checks against hundreds of thousands of assets.
- Consistently evaluate controls against existing and new applications.
Reusable and Scalable
- Leverage your existing TSAS investment.
- Increase the utilization and value of your automation initiatives.
- A turn-key subscription model provides updates and support.
Contact for more Info
Success Story
VVL Systems implemented hybrid regulatory controls leveraging TrueSight Automation for Servers. This capability enabled National Government Services (NGS) to meet their CMS audit requirements for various technology stacks.
What would have taken weeks to perform was achieved within hours through ZipKit automation.
Availability and Approach
Each ZipKit is organized based on the following structure:
- Regulatory Body – the organization responsible for this regulation. We currently support:
- Defense Information Systems Agency (DISA)
- Center for Internet Security (CIS)
- Payment Card Industry – Security Standards Council (PCI SSC)
- Health Information Portability and Accountability Act (HIPAA)
- Technology Component – the pertinent technology under regulatory control. For example:
- IIS Server
- Microsoft SQL
- Oracle
- Apache Tomcat
- Domain – the scope within a technology:
- Server
- Instance
- Database
The combination of Regulatory Body, Technology Component, and Domain represent a ZipKit offered by VVL Systems.
Pricing and License structure
Each ZipKit is priced as a 1 Year Subscription model which includes:
- Access to the licensed ZipKit.
- 8×5 business hours (Monday – Friday) email and phone support from VVL BMC experts.
- Unlimited access to ZipKit updates and releases during the license term.
- 2 days of technical enablement designed to help customers with “Last Mile” integration to your technology stack.
Want to know more? Contact us!
Frequently Asked Questions
Some ZipKits require modifications on properties or parameters on jobs which are dependent on your specific environment. The specific ZipKit Deployment Guide will inform you what updates need to be made before executing during the included 2-day QuickStart enablement.
Our team strives to provide minor/major updates to published ZipKits on a quarterly basis.
VVL Systems has extensive experience creating custom compliance templates for TSAS. Please contact us for more details.
Currently version 8.9.04 and newer is supported
ZipKits are compressed packages of portable content, allowing Administrators of TSAS to export/import Component Templates, Extended Objects, Jobs, and other artifacts from one TSAS system to another.
