The clue is in the name, Change Tracker detects changes in an organization’s infrastructure. But so what? Why is that a useful thing to do? How am I benefitting from knowing what has been altered within my environment? The terrifying answer? To detect malicious activity.

The slightly more mundane answer? To identify a best intention change that, nevertheless, has impacted infrastructure operations.

Here at NNT, we are advocates of change. Change is essential to keep environments up-to-date and applications running smoothly and with as few vulnerabilities as possible. The key to change, the utopia, the Holy Grail if you will, is to provide some context to the change activity, the why did this change question.

NNT Change Tracker has a number of approaches to provide the answers.

Change Tracker’s Intelligent Planned Change

Add Change Tracker’s planned changes function into your change process and you’ll be able to prepare Change Tracker for any planned change activity before the changes are carried out.

 

screenshot

 

The above screen is the start of a Change Tracker planned change creation, the first step to preparing the software for, in this case, a Windows patch run.

However, Change Tracker is very much a change detection solution and we all know that best practice pushes the organization to use an IT service management framework to control the change management process. Using an IT service management (ITSM) solution helps companies gain control of the planning aspects of change, providing a single location where change activity can be planned, authorized and reviewed. Here in the below example, we have similar change activity to the Change Tracker planned change, entered into an ITSM solution, ServiceNow in this case.

 

screenshot

 

So immediately we can see that there is an element of duplication here, similar information is entered for the planning of change activity in ServiceNow, as for the detection of the change in Change Tracker.

It feels like an integration could help speed things up and reduce complexity!

NNT is now offering its ITSM integration for the Change Tracker solution. Available for an ever-increasing list of ITSM solutions. In the world of IT Service Management, when there is a need for change it follows a defined process.  Request for proposed changes is submitted to a CAB (change advisory board).  The CAB either approves or rejects the request for change.

If approved, a Release, Build, Test, Schedule and Deployment plan is created to take effect within a prescribed change management and maintenance window. 

Via the ITSM Integration, NNT Change Tracker observes changes and reconciles these changes with the approved change request from ServiceNow.

By understanding the authorized and approved changes, NNT can highlight all the unknown, unwanted, unexpected and potentially malicious changes.  These are the changes needing to be reviewed and investigated.

 

screenshot

 

Continuing our example, the ServiceNow planned change highlighted earlier has made its way into Change Tracker via the ITSM integration. You’ll see it is currently disabled as the specified start date and time for the change has not been reached.

 

screenshot

 

The details of the two planned changes mirror each other for date and time and Configuration Items, in this case, a Windows group.

 

screenshot

 

The planned change within Change Tracker becomes enabled when the start date and time is reached. During this time period, the changes which meet the parameters of the planned change will be captured as planned within the Change Tracker monitoring solution.

 

screenshot

 

 

Optionally, any change which is not detected as part of the planned change will be identified and reported as unexpected and unplanned.

 

screenshot

 

Ultimately, the integration separates change that was expected from the change that was not. This can reduce the load on the poor embattled security professional and helps an organization keep a tight control over its environment.

 

NNT has a range of training and managed service offerings to help you get the most of your solution.
Call (844) 898-8362 or click here to request more information.

Contact Us

Corporate Headquarters

Netwrix
6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)


[email protected]
 

United Kingdom

Netwrix
5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023


 [email protected]
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.