StealthAUDIT for Systems
 


Product Function and Scope
StealthAUDIT for Systems is the foundation product of the STEALTHbits Technologies offerings. It was designed and developed to provide the broadest and deepest possible visibility into devices on customers’ networks. This is accomplished with a combination of elements including:

 

  • Comprehensive device discovery
  • Agent-less scanning, data and property collection
  • Flexible intuitive database storage with historical and cumulative up-to-date information
  • Powerful report authoring, generation and publication facilities
  • Change detection and conformance evaluation
  • Notification and automated workflow subsystems
  • Data results driven remediation and change actions

StealthAUDIT for Systems offers a multi-threaded engine with over 20 distinctly configurable “data collectors”. These data collectors enable customers to easily compose powerful queries for obtaining:


  • Configuration settings (registry, database, .ini, or other configuration file based)
  • Installed hardware, OS, and application software detail
  • File age, size, version and access information
  • Windows domain and other directory based configuration information
  • User and group detail including administrative permissions
  • Event log detail
  • Inventory and state of services and processes on the machine
  • ...and many other properties from servers and workstations.

StealthAUDIT comes with hundreds of pre-developed Jobs complete with query definitions and associated reports to provide instant value to customers with very fast return on investment.


Architecture

Shown below are the architecture for StealthAUDIT and descriptions of its components.



 
Core engine – This is the primary StealthAUDIT program. It can be run in a graphical (see Management Console below) or non-graphical mode to collect data, invoke actions and analysis processes, and generate reports. This flexibility permits it to be run either interactively or on a scheduled basis.

Management console – This is a Windows based UI application (currently embedded in the Core engine – see above) that permits the intuitive administration of the product and visualization of the system configuration and output results.

Database – This is a SQL Server based database that can reside on the same machine as the StealthAUDIT Console application or on a different one.

Data Collector – DCs are dynamically loaded libraries that can be “plugged in” to a StealthAUDIT installation to expand its functionality for additional data collection techniques. Data collectors are implemented with graphical configuration interfaces that use inherent knowledge of the sources for these system properties coupled with “selection by example” techniques and logical element groupings. This implementation empowers administrators to compose and run queries in minutes that would take hours or days to script effectively.

Job – StealthAUDIT Jobs are executable entities that contain all configuration elements required to collect, filter, transform and store result data and generate reports against that data. This encapsulation provides for easy packaging and distribution of configured sets of functionality.
 
 


Operational Flow
The following steps represent the sequence of processing of the StealthAUDIT for Systems product:

  • Initially, device discovery is run for the environment to provide a list for targeting Jobs.
  • Jobs are selected from the sample libraries or created by the customer for inclusion in the Job tree.
  • Jobs are targeted to appropriate machines or groups from the discovered environment.
  • Jobs are either run interactively or scheduled from the Console to be run (once or repetitively).
  • When a Job executes, it performs:
    • Data collection
    • Change detection processing (if configured)
    • Data analysis tasks (if present) including data transformation and rules processing
    • Associated report generation and publishing
    • Notification (if configured)

 

Implementation and Scaling

StealthAUDIT can typically be implemented in hours as compared to alternative agent based products that can take weeks and in some cases months to deploy. Large enterprises can scale up by deploying multiple collection consoles with the option to channel all results to a single central database.


The multi-threaded design of StealthAUDIT enables it to assign processing for each target device to one of a configurable number of threads to optimize throughput. This approach allows the effective use of multi-processor environments.

StealthAUDIT imposes minimal impact on network resources providing the opportunity to run on frequent cycles to ensure that the data in the database is very current at any point in time for reporting purposes.

 

 