ECM started as a Windows inventory management tool, but has moved with the times. This release turns it into a systems policy management and compliance system for Windows, Solaris and Red Hat.
ECM covers a lot of ground, including vulnerability assessment, change management, compliance audit and remediation, access control, event consolidation, patch management, role-based access, and enterprise administration and automation. It's not surprising that the manual runs to more than 550 pages.
After collecting the data, ECM arranges it into various report dashboards displayed in a colorful browser window. The level of detail is comprehensive. From a policy management viewpoint, the most useful module handles compliance. This checks the configuration against the policy and flags non-compliant machines.
Obviously, the policy has to be kept current to ensure it keeps up with new software, updates, fixes and antivirus currency. This might be seen as a chore, but it pays back by ensuring no unapproved programs appear. It also helps to identify machines and track progress when there's a roll-out.
As with all inventory-based applications, installation takes some time. It is well automated, and most time is spent waiting for the initial data collection. It is a necessary evil, but gives a snapshot of the overall, possibly disorganized state of a network. Common features and omissions can be determined when developing policy templates for server roles and departmental systems.
The data collection system uses a small agent distributed to the network. The agents use DCOM; comms are secured using AES.
Configuresoft is also providing a series of templates for analyzing regulatory compliance to current customers through its secured support website. The templates have been formulated especially for legal compliance issues such as Sarbanes-Oxley and Basel II.
The only real gripe is with the manual. Page numbering starts is bizarre and contradictory – not something that you need with a manual this size.