VVL is pleased to be a BMC Strategic Integrated Software Vendor and to exclusively provide Application Compliance ZipKits for TrueSight Automation for Servers.

The Industry Challenge

Both Federal and Private organizations are challenged with significant regulatory compliance requirements. Likewise, they both face substantial penalties when the governance of Enterprise IT is overlooked.

BMC Software’s TrueSight Automation for Servers (TSAS) , formerly known as BladeLogic, delivers a strong foundation for server compliance management. However, application compliance remains a critical gap in addressing this challenge.

Enterprises are often caught in the perpetual cycle of:

  • Time-consuming manual evaluation of controls.
  • Lack of consistency and prevalence of human-error when evaluating and auditing.
  • Manual labor-intensive activities with even evaluating even only a few controls against thousands of systems.

While TSAS provides a fabulous automated mechanism to evaluate a large server estate against technology controls, the reality is:

  • Creating complex Application Component Templates is time-consuming.
  • Translating controls from a regulatory body such as DISA into TSAS rules is tedious and complex.
  • Determining how to perform data retrieval from technology components (e.g. databases) is a non-trivial process.
  • Normalizing unstructured data from technology components can be cumbersome and laborious.
  • Creating evaluations (rules) is tedious and can be error-prone without best practices.
  • Performing constant manual evaluations against IT is labor-intensive and inconsistent.

The Perfect Solution: ZipKits

Accelerate your Compliance

  • Plug-n-play: Quickly import the content into your environment and you are operational in just a few minutes.
  • Drive strong governance of application compliance through pre-built regulatory compliance packages.
  • Pre-validated and tested data retrieval mechanisms for each technology component.
  • Normalization of unstructured data is built-in to facilitate evaluation.
  • Evaluation methodology for each rule leveraging years of BMC best practices.

Automation = Repeatability

  • Minimize labor-intensive manual checks against your infrastructure.
  • Scale compliance checks against hundreds of thousands of assets.
  • Consistently evaluate controls against existing and new applications.

Reusable and Scalable

  • Leverage your existing TSAS investment.
  • Increase the utilization and value of your automation initiatives.
  • A turn-key subscription model provides updates and support.

Contact for more Info

Success Story

VVL Systems implemented hybrid regulatory controls leveraging TrueSight Automation for Servers. This capability enabled National Government Services (NGS) to meet their CMS audit requirements for various technology stacks.

What would have taken weeks to perform was achieved within hours through ZipKit automation.

Availability and Approach

Each ZipKit is organized based on the following structure:

  • Regulatory Body – the organization responsible for this regulation. We currently support:
    • Defense Information Systems Agency (DISA)
    • Center for Internet Security (CIS)
    • Payment Card Industry – Security Standards Council (PCI SSC)
    • Health Information Portability and Accountability Act (HIPAA)
  • Technology Component – the pertinent technology under regulatory control. For example:
    • IIS Server
    • Microsoft SQL
    • Oracle
    • Apache Tomcat
  • Domain – the scope within a technology:
    • Server
    • Instance
    • Database

The combination of Regulatory Body, Technology Component, and Domain represent a ZipKit offered by VVL Systems.

Pricing and License structure

Each ZipKit is priced as a 1 Year Subscription model which includes:

  • Access to the licensed ZipKit.
  • 8×5 business hours (Monday – Friday) email and phone support from VVL BMC experts.
  • Unlimited access to ZipKit updates and releases during the license term.
  • 2 days of technical enablement designed to help customers with “Last Mile” integration to your technology stack.

Want to know more? Contact us!

Frequently Asked Questions

Will the compliance jobs work out of the box?

Some ZipKits require modifications on properties or parameters on jobs which are dependent on your specific environment. The specific ZipKit Deployment Guide will inform you what updates need to be made before executing during the included 2-day QuickStart enablement.

How often do you release updates to a ZipKit?

Our team strives to provide minor/major updates to published ZipKits on a quarterly basis.

What if a ZipKit is not available for my desired Technology Stack?

VVL Systems has extensive experience creating custom compliance templates for TSAS. Please contact us for more details.

What version of TSSA/BladeLogic is supported?

Currently version 8.9.04 and newer is supported

What are ZipKits?

ZipKits are compressed packages of portable content, allowing Administrators of TSAS to export/import Component Templates, Extended Objects, Jobs, and other artifacts from one TSAS system to another.

Subscribe to our Newsletter
Stay informed with the latest technology news, industry events, and training offered by VVL Systems for free! Fill out this form and receive our newsletter delivered straight to your inbox.

See how VVL has helped clients leverage the latest technologies and agile capabilities.

Latest VVL and Industry News

SolarWinds Breach Response

Information & Resources regarding SolarWinds Orion Incident As many are aware, SolarWinds Orion products experienced a security incident that has…

What is a Zero Trust Maturity Model?

In this article, we'll review the recent materials, standards, and guidance principles related to Zero Trust Framework with the hope…

Upcoming VVL and Industry Events