SECURITY COMPLIANCE WITH SOLARWINDS® NETWORK MANAGEMENT TOOLSSeptember 20, 2016

Sean Mart inez, Senior Federal Sales Engineersean.mart inez@solarwinds.com512-682-9554 (off ice)

Omar Raf ik, Senior Federal Sales Engineeromar.raf ik@solarwinds.com703-386-2626 (off ice)

AGENDA

• SolarWinds Overview

• Security Compliance Overview

• Security Compliance with SolarWinds Products

• Product Demonstrations

• Questions and Answers

2© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

SOLARWINDS OVERVIEW

• Over 150,000 customers in 170 countries; SMB to Fortune 500®

• More than 425 of the Fortune 500 are customers

• Every branch of DOD and virtually every Civilian and Intelligence agency

• SolarWinds named to Gartner® Magic Quadrant for Network Performance Monitoring and Diagnostics, Feb. 2016

• Headquarters in Austin, TX

• Federal Office in Herndon, VA

• 1800+ employees worldwide

3

The power to manage IT

User Experience

© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

Product Mission: Enable IT & DevOps pros to proactively and reactively monitor, alert, troubleshoot and resolve issues quicklyProduct Principles: Fast, Easy and Affordable

WHAT WE OFFER TODAY Building towards our future

Network Management

Performance

Configuration

IP Address

VoIP

Systems andApp Management

Servers & Apps

Virtualization

Storage

Database Management

Database Performance

Tools

Remote Troubleshooting

Web Help Desk®

Topology Mapping

Security Management

Log & Event

Patch

Configuration• MySQL® • Oracle®

• SQL Server®

• DB2®

• SAP® ASE

Device Tracking Secure File Transfer

Web Performance

4© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

SECURITY COMPLIANCE OVERVIEW

5© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

• The implementation of National Institute of Standards and Technology (NIST) Federal Information Security Management Act (FISMA) is designed to protect the nation’s critical infrastructure

o Provides standards for categorizing IT systems by mission impact (FIPS 199)o Establishes minimum security standards for data and IT systems (FIPS 200)o Establishes baseline security controls and provides guidance for selecting, implementing, and assessing

security controls and assuring their effectiveness (SP 800-53)

• The Risk Management Framework (RMF) provides a framework that combines IT security and risk management into the systems development lifecycle (SP 800-37)

o DOD has adopted the 6-step RMF to transform the traditional C&A processo Categorize your IT assets and identify critical infrastructureo Implement security controls and assess that they are implemented correctlyo Operate assets and monitor effectiveness and vulnerabilities of security controls

COMPLIANCE OVERVIEW

6© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

• DOD mandates usage of Security Technical Implementation Guides (STIGS) to standardize secure infrastructure installation and maintenance; these guides were developed by DISA to reduce vulnerability

o Create an inventory of all systems and software in order to determine which STIGS to applyo Monitor configurations and produce compliance reportso Manage configurations to achieve and maintain compliance

• And, let’s not forget about dreaded audits, including DISA Command Cyber Readiness Inspections (CCRI), and OMB/GAO audits

o Preparing for an audit requires considerable documentation and compliance reportingo Audits require detailed knowledge of networked hardware and applications, including asset inventories,

locations, configurations, access privileges, and vulnerabilitieso Which systems are being attacked, and are any still compromised?o IT Pros need to be able to quickly respond to auditor inquiries and provide accurate details

COMPLIANCE OVERVIEW (CONT’D)

7© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

SECURITY COMPLIANCE WITH SOLARWINDS PRODUCTS

8© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

6 SOLARWINDS PRODUCTS TO IMPROVE YOUR SECURITY COMPLIANCE

• Centralized network device change and configuration management

• Fault, availability, path and performance monitoring for networks of all sizes

• Real-time security information and event management (SIEM) software

• Centralized patch management for Windows® desktops, laptops, and servers

• Centrally manage your entire IP infrastructure and fix conflicts

• Automated device tracking and switch port management

Network Performance Monitor

Network Configuration Manager

IP Address Manager

User Device Tracker

9© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

Network Management and Security products to help with compliance

Patch Manager

Log & Event Manager

More information- http://www.solarwinds.com/federal_government/solution/continuous-monitoring.aspx http://www.solarwinds.com/federal_government/solution/cyber-security.aspx

SOLARWINDS SECURITY COMPLIANCE PRODUCT DETAILS

10

• Inventory and standardize network device configurations

• Assess configurations for compliance • Automate change and configuration management• Automatically back-up device configurations and

rollback non-compliant configurations• Proactively scan IOS devices for new vulnerabilities• Implement configuration of security controls and

assure their effectiveness• Produce FISMA and STIGS compliance reports from

configuration templates• Produce audit documentation and reports

Network Configuration Manager

• Quickly detect, diagnose, and resolve network performance problems and outages

• Trend utilization for capacity planning• Track multicast or firewall port discards• Monitor network health and availability• Identify protocol latency delays• Produce audit documentation and reports

Network Performance Monitor

© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

11

• Configure correlation rules to help assure effectiveness of security controls

• Real-time and continuous monitoring of security controls

• Produce FISMA and STIGS compliance reports from templates

• Supports STIG requirements for configuration auditing, log analysis and broader network security

• Tracks and report suspicious activities/attacks to provide auditing support

Log & Event Manager

© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

SOLARWINDS SECURITY COMPLIANCE PRODUCT DETAILS (CONT’D)

• Automated subnet discovery and IP scanning• Improve DHCP and DNS administration• Get alerts when DNS entries don’t match• IP detail and history tracking

IP Address Manager

• Always know when and where users and end point devices are connected to your network

• Track endpoint devices by MAC and IP address on wired and wireless networks

• Detect rogue devices and users to improve network security using watch lists, alerts, and port shutdown

• Remotely turn switch ports on and off to improve security, or block endpoints and users

User Device Tracker

• Automate patching of Microsoft® and 3rd party applications to improve compliance

• Schedule patches for minimum downtime• Inventory software and physical components per

server or workstation

Patch Manager

• Access Controlso Network Configuration Manager (NCM) can help you monitor/manage network system

configurations, real-time changes, or identify violationso Log & Event Manager (LEM) can help audit and monitor for potential changes

• Audit and Accountabilityo NCM tracks who requested the configuration change, or who made the change directlyo LEM can help satisfy some controls directly

• Configuration Managemento NCM can satisfy some controls directly, and includes prebuilt templates for compliance with

configuration policies for network deviceso Patch Manager (Patch) and LEM can also help in a few key areas

FISMA SECURITY CONTROLS WHERE WE CAN HELP

12© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

• Incident Responseo LEM provides help when it comes to incident generation and investigationo Users can also leverage active response to deal with incidents as they occur

• System Maintenance o NCM helps with controlling and managing configuration approvals, and keeps a history o LEM can help alert when logs don't seem to be according to expected maintenance policies

• Media Protectiono LEM's USB-Defender® feature can help with automated controls of removable USB devices

• Security Planningo NCM Approval allows an approval authority before making changes affecting the networko LEM can be used to centrally manage auditing and monitoring, and supports defense-in-depth

FISMA SECURITY CONTROLS WHERE WE CAN HELP (CONT’D)

13© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

• Personnel Securityo A lot of this control area is external and policy-related, but LEM can be used to help ensure

what should happen actually did (i.e. trust, but verify)

• Risk Assessmento LEM and Patch both help with vulnerability scanningo Patch can notify or auto update missing patches on affected systems

• System and Communication Protectiono Many of our solutions help detect Denial of Service attackso We also offer tools to support boundary protection and VoIP

• System and Information Integrityo There are a good number of areas where LEM helps with this control for auditing

14

FISMA SECURITY CONTROLS WHERE WE CAN HELP (CONT’D)

© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

• NCM has a range of features to support STIG complianceo Includes DISA STIG and NIST FISMA reports o Real-time configuration change alertingo IOS vulnerability scanningo User roles, permissions, and activity trackingo Remote firmware and IOS transfers

• LEM has a range of features to support STIG complianceo Supports DISA STIG compliance via our real-time monitoring of related events across systems,

network devices, applications, and security toolso Supports configuration auditing, including logs of relevant STIG best practices, configuration

changes, installation of unapproved software, and moreo Many of LEM’s out of the box rules can be used to address STIGSo LEM also includes STIG and FISMA compliance reports

DISA STIG COMPLIANCE AND WHERE WE CAN HELP

15© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

• Review our NIST FISMA/RMF compliance blog:

https://thwack.solarwinds.com/community/solarwinds-community/product-blog/blog/2015/08/01/fisma-nist-800-53-compliance-with-solarwinds-products

• Review our DISA STIGS compliance blog:

https://thwack.solarwinds.com/community/solarwinds-community/product-blog/blog/2011/09/07/disa-stig-compliance-with-log-event-manager

• Download a Federal Compliance whitepaper:

http://www.solarwinds.com/resources/whitepaper/compliance-guide-for-federal-security-and-it-pros.html

• Watch a Federal Security Compliance video:

http://www.solarwinds.com/resources/videos/solarwinds-federal-security-compliance.html

• Download a Continuous Monitoring whitepaper:

http://go.solarwinds.com/fedcyberWP?=70150000000Plgf

16

COMPLIANCE RESOURCESLet us know how we can help you

© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

SOLARWINDS COMPLIANCE PRODUCT DEMONSTRATIONS

17© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

Network Configuration Manager

Network Performance Monitor

Log & Event Manager

Patch Manager

Contact Us:SolarWinds

Call: 877-946-3751Email: federalsales@solarwinds.com

Q & A

18© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

• Watch short demo videos: http://demo.solarwinds.com/sedemo/

• Download a free trial: http://www.solarwinds.com/downloads/

• Visit our Federal website: http://www.solarwinds.com/federal

• Call the SolarWinds Federal sales team:  877-946-3751

• Email federal sales: federalsales@solarwinds.com

• Visit our THWACK® government group: http://thwack.com/government

• Follow us on LinkedIn®: https://www.linkedin.com/company/solarwinds-government

19

ADDITIONAL RESOURCESLet us know how we can help you

© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

The SOLARWINDS and SOLARWINDS & Design marks are the exclusive property of SolarWinds Worldwide, LLC, and its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or

pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks, registered or pending registration in the United States or in other countries. All other trademarks mentioned herein are used for identification purposes only and may be or are trademarks or

registered trademarks of their respective companies.

© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.