The Top Ten of Server Change and Configuration Management

>

The concept of a Server Change and Configuration Management Policy is effortless - define what 'good' IT service looks like, then maintain your Server estate in this state.

It is vitally critical to keep in check all relevant servers configuration settings, performance metrics and application response times that together govern the high quality and consistency of delivered IT service levels to the organization.
Nonetheless, even though it is obvious that governing the performance and well being of your servers is important, the require to make sure your servers are compliant with security and external corporate governance legislations is now equally vital.

Corporate Governance policies such as Sarbanes Oxley (SOX), GLBA, NERC, PCI DSS, HIPAA, MiFID, SAS 70, and Basel II have all been introduced to guarantee minimum levels of security and integrity are maintained for business monetary information and any stored personal details of prospects.

Your Servicedesk or Helpdesk method has a role to play, ordinarily playing an integral role in any ITIL Alter and Configuration Management Method, supplying reconciliation information for any planned adjustments to any configuration item, such as servers.

The Leading Ten of Server Configuration Management
1. Server Performance Management - Measure and control all parameters affecting IT Service Delivery, including configuration settings, server health and user expertise
2. Server Compliance Audits - Take actions to automate the audit of your server estate in order to deliver auditors with accurate details of all security and access controls for compliance with all Corporate Governance legislations, such as PCI DSS, SOX, GLBA, NERC, HIPAA, MiFID, SAS 70, Basel II
three. Virtualization - when virtualising servers in order to facilitate datacentre moves, service continuity provision and to lower running costs, bear in mind that you are also introducing another layer of configuration management at the VM Host level that must equally be audited to ensure it is compliant with corporate governance policies
4. Compare 'one server to many' and pinpoint all differences in between a 'policy compliant' (i.e. 'working') server and those that aren't -all key modifications and deviations will be instantly identified and reported
five. Software program Inventory Management - A Configuration Management answer ought to cover Server inventory management, server asset management, server performance management and server configuration management
6. Server Security Management - Perfect practise is to limit the User Accounts to the minimum and restrict access to Administrator accounts with Admin privileges but you also will need to frequently check that Server User Accounts have not been modified, added or changed
7. Server File program Management - a key aspect of PCI DSS and other corporate governance policies is that core filesystem attributes have their integrity maintained, for instance, the Win32 folder must not be changed or modified and it is important to frequently check this
8. Registry Settings - as the core repository of Server Configuration Settings, any Registry changes ought to be logged and analysed
9. Running Processes and Services/Service States - build a whitelist and blacklist of authorised/unauthorized method and services, together with any mandatory 'must run' or illegal 'never run' processes and services
10. Server Application Configuration Management - Together with the Windows Server Operating Program, important server applications such as SQL Server, IIS, Exchange, Active Directory and Oracle all have several and complex configuration settings which also have to have to be audited for compliance with your configuration management policy

All the above alter and configuration management tasks can be automated making use of alter and configuration management software solutions, the ideal of which will cover servers together with alter and configuration management of your desktop PCs and all network devices such as firewalls, switches and routers.