Prexio: A Configuration Audit Tool for all Date:   Wednesday , September 07, 2011 The tremendous increase in online activities has made organizations more vulnerable than ever in terms of security. With new security threats arising on a day to day basis it has become highly critical for organizations to secure IT infrastructure involving servers and devices. Every organization wants global best practices and guidelines be followed to securely configure and harden the servers and devices against threats. Most importantly, the servers and devices need to be audited regularly for secure configuration and any other known vulnerabilities. An undetected vulnerability can potentially cripple organization financially and drain most of the hard built reputation. Moreover, most customers before giving business to the vendors demand an assurance of security levels though certifications like ISO 27001 and PCI DSS. These standards demands regular internal technical vulnerability assessments of servers and devices as control requirements for compliance against respective standards. To achieve this, most organizations resort to using vulnerability scans. A typical network vulnerability scanner does not conduct a comprehensive security configuration audit. It mostly detects open ports, services and missing patches. Some scanners may gather limited configuration information but often fail to interpret the compliance status automatically. Hence even after a scan, significant human effort is spent on judging whether the current configuration is complying with hardening guidelines or not. Also many of the vulnerability scans are not authenticated processes and so will have limited access to many of the system data and so will not be completely effectively. Since a typical network vulnerability scanner is not enough to the goal of 100 percent secured networks, a different kind of tool is required. Paladion Network brings such a solution, Prexio, which goes beyond normal vulnerability scanning, and assessment solutions and end up being an all-in-one solution that provide global best practices for security configuration or hardening guideline and also help organizations to perform configuration audit of server and devices regularly. How is Prexio different from normal network vulnerability scanners? Unlike these common network vulnerability scanners, it checks are not limited to detecting open ports, services or missing patches. It goes much beyond to comprehensively check all configuration items as recommended in popular guidelines such as CIS, SANS, NIST. Prexio's analysis engine can decide whether current configuration is complying with hardening guideline or not, without any manual human intervention. The tool is completely automated, it logs into the system with username and other credentials that are valid, scans through all the data, and finds out any existing and possible vulnerabilities. So, instead of being reactive, it actually gives the organizations the opportunity for being proactive. Since it is an authenticated scan, it has access to all parts of the network and the data provided will be way more accurate than normal scans. Global practices like Center for Information Security (CIS) has put benchmark for how systems, servers and networks should be configured in a secured manner. It comes with a set of guidelines that has to be followed in order to make the network secure and vulnerability free. This benchmark is globally accepted and by deploying Prexio, organizations can actually make sure they are following these global best practices. “We enable our customers with capability to perform internal vulnerability assessments based on global best practices; we also give them insights on what to do in order to mitigate these vulnerabilities with step-by-step instructions. Thus, Prexio helps our customers both in securing their servers and also audit them for compliance in regular basis. It saves significant cost reduction by doing it themselves.” says Amirthamurugaraj, Products Head, Paladion Networks. Prexio works in two modes, Offline and Online. Online scan is useful when the server or device to be audited is accessible over network (LAN, or WAN). This scan can be performed by simply entering IP address, username or password of the target server or device. Offline scan is useful when server/ device to be audited are not accessible over the network. In this scan a small script can be downloaded from Prexio and run on the server to be audited. The script collects configuration in a text file, which can be uploaded to Prexio for analysis and report generation. This option is particularly useful to internal auditors who do not access to sensitive servers or devices which are generally managed by a separate IT team. BFSI is a sector where network security means a lot. In this sector, bodies like RBI have given guidelines to banks to perform authenticated vulnerability assessments on regular intervals. In this scenario a normal vulnerability tool is impractical as most of they do not do authenticated scans and doing manual scan is a very lengthy process. Manual authenticated scans with normal vulnerability assessment tools can take up to 4 hours per server, and produce several hundreds of pages of data that has to be gone through before the assessment can be made. It might even slow down the server and disrupt the normal functioning of the banks. But, Prexio’s automated audit can complete a vulnerability assessment of a network with about 1500 servers in two days or less, that too while not affecting the performance of the servers in anyway. By providing fast and easy configuration and policy audits, and accurate scans, Prexio helps banks to stay secure and comply with the RBI rules. Paladion’s products are known for the immense value that they bring to their customers and for that reason the customers seems to embrace their products so far. Prexio is not an exemption, it helps the organizations that deploy it run vulnerability assessments on a regular basis, without spending a lot of time and other resources on it help them stay complaint with the requirements of their customers, and gain certifications like ISO 27001 and PCI DSS. Plus, Prexio also has a built in database of exhaustive checks that incorporates recommendations from all trusted sources including CIS, SANS and NIST. This database comes as immense help for their clients. And the customers, ranging from BFSI to BPO, Health and Manufacturing, and IT, seems to take the legacy of the Paladion success forward with Prexio, and the future looks very bright for the product.