- Inventory current configuration settings
- Compare configuration settings
- Detect configuration drift and diffs
What is “compliance”?
First, let’s define our terms. What does Orca consider “compliance”? The easy answer is that Orca adheres to your definition of compliance. The following are all ways you can define compliance in Orca:
- Configurations must match a gold standard reference point-in-time. For example, configurations should not have changed since the last application release.
- Configurations must match the configuration of another node – a gold standard server. Don’t worry about false positives when IP addresses or server names are different – Orca tokenizes for you.
- Custom rules that dictate the values or value ranges of certain configurations.
Note that you can use Orca to support third party definitions of compliance such as PCI or HIPAA. To do this, set your configuration compliance rules and role based access controls in Orca to support your PCI or HIPAA goals.
Orca alerts you to out of compliance situations in your application stack.
When your configurations have drifted out of compliance, Orca lets you know. Orca’s product, Drift Detector, can send email, show alerts in the console, and provide ecosystem compliance views.
These compliance views are intuitive bird’s-eye views of “application ecosystems.” These application ecosystems include managing the configurations and relationships of applications, databases, middleware and operating systems. We call this bird’s-eye view a color coded “Compliance Heat Map”. When a configuration has drifted out of compliance, Orca colors that node red. Its neighboring nodes will show as yellow to indicate that while they may be in compliance, they interact with a node that is out of compliance.
Why is this important?
Orca highlights configuration drift, compares diffs and alerts you to compliance issues that easily escape notice in less visually-oriented tools. Sometimes the configuration drift is inconsequential. Other times diffs, drift or compliance violations indicate previously hidden problems that can lead to application performance issues, compliance violations, security vulnerabilities or outages.
Here is a common scenario. Have you ever released an application into Production and then magically the application starts performing more slowly or, worse, goes down completely? No one was supposed to touch the Production environment, and no one admits to it, but someone did.
With Orca you can now immediately see configuration drift, compare configurations, and view any compliance violations between application releases. Know exactly when the change was made and what else it affected (did a database setting also change, or an OS configuration?).