Well, it’s about that time of year again. Halloween has passed, and the winter holidays are approaching fast. Around the world, it means different things, but in the US, it means Thanksgiving and Christmas for most families. And importantly for many Loop1 clients, they will see their busiest times of the year, including Black Friday and the shopping days before Christmas, followed by the New Year and College Football Playoffs.
In many organizations, this will also mean a period of change freeze. A period where the entire IT operations infrastructure has been designed, configured, deployed, and tested – and no configuration changes are permitted to avoid outages and ensure a stable, reliable end-user experience during the peak season.
The idea might sound very appealing if you are not an organization that implements a change freeze during this time of year. And you might think, no changes, what will I do with all that free time?
While it is true that in some organizations, it becomes an opportunity to take some well-earned PTO, in others, it’s a time to focus on audit and documentation.
And a change freeze is a perfect match for configuration audits. What better time to slow down, take stock, and document the environment? With no changes being allowed, the audit and documentation exercise can be more straightforward and remain accurate for much longer, right?
Regardless of your approach to change management or change freezes, the need to consistently, quickly, and accurately audit and document all aspects of your IT infrastructure remains.
In this blog post, we will talk about three tools, from SolarWinds and Runecast, that we help clients leverage to make their audit and compliance efforts faster, easier, and more accurate.
Optimize and Secure your Hybrid Cloud with Runecast
We’ll begin at the layer that ties everything together, storage, network, servers, and applications. They all connect to and either serve or leverage the virtualization layer. Whether on-premise or in the cloud, hypervisor or hyperscaler, Runecast is the tool of choice to audit and document these environments.
If you aren’t familiar with Runecast, you likely have undetected risks hiding in your VMware and cloud environments. With Runecast, you can quickly and easily connect and document your entire VMware and cloud estate and then use that data to detect known hardware and software vulnerabilities and risks automatically. From best practices to regulatory compliance for PCI, GDPR, HIPAA, and more, Runecast speeds the time to identify and, in many cases, resolve configuration issues. It also includes the most accessible VMware upgrade advisor tool I’ve ever used. Runecast incorporates the entire VMWare knowledge base and AI to automatically detect risks and vulnerabilities based on your hardware and software deployment. This capability dramatically reduces the time to document and plan resolution while also helping to eliminate the risk of outages due to undetected configuration issues.
Runecast is an excellent complement to SolarWinds Hybrid Cloud Observability
SolarWinds HCO Advanced edition includes powerful VMware monitoring and administration tools (formerly Virtualization Manager or VMAN), extending into Server Compliance (formerly Server Configuration Monitor or SCM). With HCO Advanced, you can document Windows and Linux servers and detect and report Windows file-level changes, including the name of any Active Directory user making the changes. That capability also extends to documenting and detecting deviations from best practices for SQL server configuration and Microsoft IIS (Internet Information Server).
Regardless of the size of your server and cloud infrastructure, Runecast and SolarWinds HCO Advanced will reduce the time it takes to document and audit the environment by allowing you to quickly and consistently audit hundreds or thousands of servers.
SolarWinds HCO Advanced also supports thoroughly auditing and documenting your network (formerly Network Configuration Manager or NCM) – every router, switch, firewall, load balancer, access point, and wireless controller. With the SolarWinds Policy Compliance engine, you can apply well-known best practices, federal DISA-STIGs, or any standard PCI, HIPAA, GDPR, or other common regulatory rules.
In addition, the network configuration management features of SolarWinds HCO Advanced include the ability to automatically identify known NIST CVEs on Cisco and Juniper network devices. During your freeze window, you can quickly and easily collect all of the data necessary to identify these known vulnerabilities, allowing you to plan and automate the resolution of the detected issues once your change freeze windows end. SolarWinds HCO can quickly deploy updated firmware to your network devices with built-in firmware upgrade automation. The firmware upgrade automation allows you to inventory, validate, plan and execute the firmware file upgrades necessary to resolve the detected CVE issues. And, of course, there will be those times when devices are end-of-life and end-of-support, meaning your remediation plans may require procurement and deployment of replacement devices where firmware patches or upgrades are no longer available.
So, as we enter the busy holiday season, whether your organization enters into change freeze mode or not, having the right tools can ensure that your audit and compliance efforts are made easy. Across your network, to your virtualization environment, into your servers and applications, Runecast and SolarWinds will save you time, improve accuracy, and reduce risk to your environment through robust audit and compliance automation.
And, of course, Loop1 is here to help. We have designed and deployed global SolarWinds and Runecast architectures and also developed custom integrations, allowing administrators and stakeholders to visualize the health and compliance of entire global networks in simple and easy-to-understand custom dashboards.
As always, we want to hear from you!
Does your organization observe change freeze windows? If so, what do your IT operations teams do with that time? Is it used to allow folks to catch up on PTO? Do you conduct your audit and compliance work? Let us know!
Want to give Runecast a try?
Take the Runecast Challenge – if Runecast doesn’t discover a minimum of 10 issues previously unknown to your team, have the license for your current set-up on us for 12 months*
What about a free trial of SolarWinds Hybrid Cloud Observability?
Start your 30-day free trial today to see the benefits of SolarWinds Observability first-hand.
