The Industry Challenge
Federal and Commercial organizations face significant regulatory compliance requirements and penalties when governance of Enterprise IT is overlooked.
BMC Software’s TrueSight Automation for Servers delivers a strong foundation for compliance management. However, application compliance remains a critical gap in addressing this challenge.
Enterprises are often caught in the perpetual cycle of:
- Time consuming manual evaluation of controls.
- Lack of consistency and human-error when evaluating and auditing.
- Manpower extensive activities with even evaluating only a few controls against thousands of systems.
While TrueSight Automation for Servers (TAS) provides a fabulous automated mechanism to evaluate a large environment against technology controls, the reality is:
- Creating complex Application Component Templates is time consuming.
- Translating controls from a regulatory body such as DISA into TAS rules is tedious and complex.
- Determining how to perform data retrieval from technology components (e.g. databases) is a non-trivial process.
- Normalizing unstructured data from technology components can be cumbersome and laborious.
- Creating evaluations (rules) are tedious and can be error-prone without best practices.
- Performing constant manual evaluations against IT is labor intensive and inconsistent.
The Perfect Solution – ZipKits
Accelerate your Compliance
- Drive strong governance of application compliance through pre-built regulatory compliance packages.
- Pre-validated and tested data retrieval mechanisms for each technology component.
- Normalization of unstructured data is built-in to facilitate evaluation.
- Evaluation methodology for each rule leveraging years of BMC best practices.
Automation = Repeatability
- Minimize labor-intensive manual checks against your infrastructure.
- Scale compliance checks against hundreds of thousands of assets.
- Consistently evaluate controls against existing and new applications.
Reusable and Scalable
- Leverage Existing TrueSight Automation for Servers (Bladelogic) investment.
- Increase the utilization and value of your automation initiatives.
- Turn-key subscription model provides updates and support.
Contact for more Info
VVL Systems implemented hybrid regulatory controls leveraging TrueSight Automation for Servers. This capability enabled National Government Services (NGS) to meet their CMS audit requirements for various technology stacks.
What would have taken weeks to perform was achieved within hours through ZipKit automation.
Availability and Approach
Each ZipKit is organized based on the following structure:
- Regulatory Body – the organization responsible for this regulation. We currently support:
- Defense Information Systems Agency (DISA)
- Center for Internet Security (CIS)
- Payment Card Industry – Security Standards Council (PCI SSC)
- Health Information Portability and Accountability Act (HIPAA)
- Technology Component – the pertinent technology under regulatory control. For example:
- IIS Server
- Microsoft SQL
- Apache Tomcat
- Domain – the scope within a technology:
The combination of Regulatory Body, Technology Component, and Domain represent a ZipKit offered by VVL Systems.
Pricing and License structure
Each ZipKit is priced as a 1 Year Subscription model which includes:
- Access to the licensed ZipKit.
- 8×5 business hours (Monday – Friday) email and phone support from VVL BMC experts.
- Unlimited access to ZipKit updates and releases during the license term.
- 2 days of technical enablement designed to help customers with “Last Mile” integration to your technology stack.
Want to know more? Contact us!
Frequently Asked Questions
Some ZipKits require modifications on properties or parameters on jobs which are dependent on your specific environment. The specific ZipKit Deployment Guide will inform you what updates need to be made before executing during the included 2-day QuickStart enablement.
Our team strives to provide minor/major updates to published ZipKits on a quarterly basis.
VVL Systems has extensive experience creating custom compliance templates for TAS. Please contact us for more details.
Currently version 8.9.04 and newer is supported
ZipKits are compressed packages of portable content, allowing Administrators of TAS to export/import Component Templates, Extended Objects, Jobs, and other artifacts from one TAS system to another.