Founded in 1986, Consul risk management is an authority in policy-based security audit and compliance. The Consul InSight™ Suite provides the unique ability to capture comprehensive log data, correlate the data through sophisticated log interpretation, and communicate results through a dashboard for full audit and compliance reporting. To reduce threats posed by privileged insiders, Consul InSight monitors change management procedures, acceptable use policies and user authorization processes against company and regulatory policies.
In October 2006 Consul was acquired by the IBM. It became a structural sub-division and was named IBM/Consul. In such a way the IBM Tivoli product line was enhanced by the number of applications, aimed to ensure the security in the local network of an enterprise. Accordingly the product name was changed to Tivoli Compliance InSight Manager or TCIM.
Focusing security on the “inside”, only TCIM provides ability to consolidate, normalize, analyze and report on vast amounts of user behavior and system activity. As a result, organizations can quickly and easily reveal who touched what within the company (with real-time alerts and proactive reports) and compare that activity to an established internal policy or external regulation. Organizations rely on the policy-based approach of InSight to simplify insider security auditing, compliance monitoring and enforcement for heterogeneous environments, ranging from super servers to the desktop. Customers turn to IBM/Consul to manage one or more of three urgent concerns:
The product quality analysis should not end at the stage of information gathering and analysis. The user interface is also very important. In this regard the TCIM is a very mature product. TCIM allows the user to receive the aggregate reports for a defined period of time; review any events happening in the system itself. If the customer has any specific needs, he may use a specially designed language of requests creation that allows to generate even very complex reports.
In such a way TCIM is a unique product with an original technical solution allowing processing billions of informational units; as well as quickly, effectively, and reliably monitoring any attempts to break the security.
ScienceSoft started working on the product in 2004 on a sub-outsourcing approach. At that time services of one more outsourcing company, Ukrainian-based Miratech, were used.
Initially ScienceSoft has the following goals:
During 2 months ScienceSoft has established a team of 19 developers, created development and test labs in accordance with the Consul requirements, performed a number of technical events aimed to integrate the environment of ScienceSoft company into Consul environment, such as:
To ensure smooth knowledge transfer and close partnership between companies the business trip of ScienceSoft’s developers to Consul was organized. The team satisfied the requirements of Consul’s management and was approved for the project.
In four months the first version of the product (InSight 5.0 SP2) was launched. It was created in close cooperation with ScienceSoft.
In two more months the next product version (InSight 6.0) was launched and the next version (InSight 7.0) was planned to be released during the same year. High-quality and dedication to work were acknowledged by Consul and the final decision was made to transfer the development work from Miratech to ScienceSoft. Thus, ScienceSoft became the only outsourcing supplier of Consul.
In a year one more release version (InSight 8.0) and an interim strategic version (InSight 7.0 Day One) of the product were launched. While working on the Consul’s projects ScienceSoft performed the development processes analysis and, based on its experience, offered a number of measures for their improvement. It allowed using the time and resources more effectively increasing the quality of development. New processes established clearer definition of the roles and responsibilities in the project, more accurate documentation process, easier changes tracking approach, and more effective system of corrective measures.
C/C++, Visual Basic, Java, Install Shield, Perl, bash/shell, Win batch, VBScript, TomCat, Lucene, SSH, SQL, ODBC, Windows, AIX 4/5, HP-UX, Sun Solaris 8/9/10, AS390/400, Linux (SuSe, Red Hat), Novell, Oracle 8/9/10g, DB2 Viper.