Consul InSight Suite
Founded in 1986, Consul risk management is an authority in policy-based security audit and compliance. The Consul InSight™ Suite provides the unique ability to capture comprehensive log data, correlate the data through sophisticated log interpretation, and communicate results through a dashboard for full audit and compliance reporting. To reduce threats posed by privileged insiders, Consul InSight monitors change management procedures, acceptable use policies and user authorization processes against company and regulatory policies.
In October 2006 Consul was acquired by the IBM. It became a structural sub-division and was named IBM/Consul. In such a way the IBM Tivoli product line was enhanced by the number of applications, aimed to ensure the security in the local network of an enterprise. Accordingly the product name was changed to Tivoli Compliance InSight Manager or TCIM.
Focusing security on the “inside”, only TCIM provides ability to consolidate, normalize, analyze and report on vast amounts of user behavior and system activity. As a result, organizations can quickly and easily reveal who touched what within the company (with real-time alerts and proactive reports) and compare that activity to an established internal policy or external regulation. Organizations rely on the policy-based approach of InSight to simplify insider security auditing, compliance monitoring and enforcement for heterogeneous environments, ranging from super servers to the desktop. Customers turn to IBM/Consul to manage one or more of three urgent concerns:
- Data overload: Today’s organizations are drowning in an overwhelming volume of data delivered by diverse operating systems (Windows, Linux, UNIX, zOS, OS/400…), security devices (firewalls, intrusion detection systems), applications and databases.
- Trusted user monitoring: Unfortunately this flood of data delivers little actionable insight into precisely what users are doing within the company --accessing, using and releasing sensitive information vital to business operations, closely governed by regulations, and required for corporate information risk management initiatives.
- Regulatory compliance: The wave of Government regulations and Industry standards around information security and privacy (e.g., Sarbanes-Oxley, GLBA, HIPAA, ISO 17799, Basel II) are forcing organizations to institute more stringent policies and auditing processes to ensure compliance with new information assurance standards. IBM/Consul solves these problems, enabling companies to reduce risk, while lowering costs.
The product quality analysis should not end at the stage of information gathering and analysis. The user interface is also very important. In this regard the TCIM is a very mature product. TCIM allows the user to receive the aggregate reports for a defined period of time; review any events happening in the system itself. If the customer has any specific needs, he may use a specially designed language of requests creation that allows to generate even very complex reports.
In such a way TCIM is a unique product with an original technical solution allowing processing billions of informational units; as well as quickly, effectively, and reliably monitoring any attempts to break the security.
History and solutions
ScienceSoft started working on the product in 2004 on a sub-outsourcing approach. At that time services of one more outsourcing company, Ukrainian-based Miratech, were used.
Initially ScienceSoft has the following goals:
- Create teams of the multi-profile experts having very tough deadlines;
- Complete informational and development integration into Consul working environment;
- Participate in the InSight product development;
- Establish the technical product support;
- Create and implement the general development processes for both: ScienceSoft and Consul;
- Support the tools and employed technologies modernization;
- ScienceSoft successfully performed majority of the above-stated tasks during a very short period of time.
During 2 months ScienceSoft has established a team of 19 developers, created development and test labs in accordance with the Consul requirements, performed a number of technical events aimed to integrate the environment of ScienceSoft company into Consul environment, such as:
- Merger of local networks (dedicated VPN connection was established);
- Installation and merger of knowledge databases and working environment on the basis of Lotus Domino DB;
- Establishment of the communication channels between development teams of both companies.
To ensure smooth knowledge transfer and close partnership between companies the business trip of ScienceSoft’s developers to Consul was organized. The team satisfied the requirements of Consul’s management and was approved for the project.
In four months the first version of the product (InSight 5.0 SP2) was launched. It was created in close cooperation with ScienceSoft.
In two more months the next product version (InSight 6.0) was launched and the next version (InSight 7.0) was planned to be released during the same year. High-quality and dedication to work were acknowledged by Consul and the final decision was made to transfer the development work from Miratech to ScienceSoft. Thus, ScienceSoft became the only outsourcing supplier of Consul.
In a year one more release version (InSight 8.0) and an interim strategic version (InSight 7.0 Day One) of the product were launched. While working on the Consul’s projects ScienceSoft performed the development processes analysis and, based on its experience, offered a number of measures for their improvement. It allowed using the time and resources more effectively increasing the quality of development. New processes established clearer definition of the roles and responsibilities in the project, more accurate documentation process, easier changes tracking approach, and more effective system of corrective measures.
- ScienceSoft proved to be a reliable partner and at Consul’s headquarter the decision was made to outsource all work to one outsourcing supplier – ScienceSoft;
- During collaboration between our companies 4 major releases, one strategic release and 20 Event Source modules were successfully completed;
- The Support center for Consul’s customers was established at ScienceSoft;
- Each month 2 employees from ScienceSoft visited Consul onsite for knowledge transfer and process improvement.
Technologies and tools
C/C++, Visual Basic, Java, Install Shield, Perl, bash/shell, Win batch, VBScript, TomCat, Lucene, SSH, SQL, ODBC, Windows, AIX 4/5, HP-UX, Sun Solaris 8/9/10, AS390/400, Linux (SuSe, Red Hat), Novell, Oracle 8/9/10g, DB2 Viper.