Your week is anything but routine. Monday starts early with an SEV1 outage. Tuesday, a critical patch is released addressing vulnerabilities to your network. On Wednesday, the CIO needs a security compliance report. Your mail server has degraded performance on Thursday. Friday is a security incident. Saturday is spent dealing with backup failures. Sunday always requires multiple server reboots.
Planning ahead feels like an exercise in futility for most IT Operations professionals, but designing your week for fewer outages, better reporting, and better hygiene is possible with Tanium. As such, here is a five-day plan for a brighter week in IT Operations, by design.
Day one: Monday
Within Tanium, Ask “Get Chassis Type and Operating System” from all machines
Day two: Tuesday
How many times would it have been helpful to know the CPU and memory usage patterns of customer-facing application servers or mission-critical servers before an outage? Particularly before you hear from customers, “this server isn’t working” or it’s “getting kind of slow”? If you had that level of data at any point during the day, you could actually prevent a disaster before it happens.
Within Tanium, Ask “Get Computer Name and CPU Consumption and Logged In Users from all machines with CPU Consumption > 75” for computer information where CPU utilization is over 75% and “Get Computer Name and Operating System and RAM and Memory Consumption from all machines with Memory Consumption > 75” for computer information where memory utilization is over 75%
Day three: Wednesday
Now, let’s talk about your favorite task: patching! If you could immediately see the live patch state of all your active endpoints, how much time would that save you? How about knowing it’s coming from the system when you asked, not from a database that may have aged several days? How about being able to instantly pivot and deploy those Windows patches and trust their delivery? How about doing all of that without pre-staging to complex distributed sets of content servers, and instead directly to endpoints for them to share and install?
Within Tanium, Ask “Get Available Patches” for all patches across all platforms in seconds.
Day four: Thursday
All applications aren’t created equal. Some have more vulnerabilities and are targeted more by hackers, like Flash or Java. The security team has, at some point, probably asked you for an accurate list of all approved and unauthorized applications. How great would it feel to hand them a list of what’s installed right now with certainty because the date was retrieved directly from the endpoint?
Within Tanium, Ask “Get Installed Application Version[java] from all machines” for Java and “Get Installed Application Version[flash] from all machines” for Flash to see how many different instances there are within your environment.
Day five: Friday
How long does it currently take you to remediate a security incident? Consider being able to quickly isolate all the infected machines so that you can quickly contain the incident and focus on your next fire. Within seconds, you can find and quarantine all the impacted systems.
Within Tanium, “Apply Quarantine actions for Windows, Linux or Mac” to isolate infected machines.
Your day is busy, to say the least, and it’s difficult to see how you can get everything completed before the end of the day. With Tanium, it’s possible to get these tasks completed enterprise-wide before lunch. Want to learn more? See how we do it in this video series.
Like what you see? Click here and sign up to receive the latest Tanium news and learn about our upcoming events.
About the author: Mark Semones is the IT Director for Tanium. Over the last 10 years, he has designed, built, and managed complex environments for large organizations. Mark received his Masters in Information Technology from Arizona State University.