CimTrak Integrity Suite

CimTrak protects any type of file, whether it is a document, executable, script, application program file, or operating system file.

It also monitors for changes to critical system and device configurations, as well as critical database components. CimTrak instantly determines when files and configurations are modified can take instant, proactive action to correct the change and mitigate risk Increase your survivability from unexpected changes with CimTrak which prevents the compromised objects from ever existing on your servers and network devices.

CimTrak is easy to deploy and scales to the largest of global networks.

CimTrak’s automated detection process, flexible response options, and auditing capabilities make it a powerful compliance, information assurance and security tool.

CimTrak is Common Criteria Certified and ready for use by Australian Government Agencies.

CimTrak consists of three integrated software components - CimTrak Management Console, CimTrak Agent and the CimTrak Master Repository. Each component operates as an autonomous unit, yet work in tandem to provide superior protection of your critical IT assets.

CimTrak Master Repository

The CimTrak Master Repository is the principal component of the CimTrak family. It is where all the authoritative and authenticated copies of protected objects are maintained, digital signatures are stored, objects are validated and communication between the other CimTrak family components is performed.

A complete revision history is kept on the CimTrak Master Repository allowing you to roll back to any pervious version of a file with a simple click of a mouse.

CimTrak Agent

The CimTrak Agent is the watchdog of the system. Its sole objective is to capture and address any event that occurs to any object that is being protected. Each component being protected has an Agent installed, which in turn communicates through an authenticated and encrypted layer, with the CimTrak Master Repository.

The CimTrak agent can monitor a wide variety of components of your IT infrastructure including servers, network devices, applications, databases, and even SCADA systems.

CimTrak Management Console

The CimTrak Management Console or “Client” is your administrative window into the inner workings of CimTrak and your IT environment. The Management Console is used to configure users, analyse events, perform change control and produce reports. Through the Management Console, you can:

Create the policies to determine which directories and/or files to monitor and protect, and define what actions will be taken when a change occurs.

View forensic detail on changes including what was changed, what process made the change and who made the change.

Review extensive reports detailing any and all authorised and unauthorised changes on your servers or network devices as well as the corrective actions automatically taken by CimTrak.

Forensically study quarantined malicious code captured by CimTrak that passed by your firewall, IDS or anti-virus software.

View various system performance criteria such as CPU utilisation, memory utilisation, storage statistics, and other system health information.

CimTrak helps you meet the PCI data security standard real time both by providing you with the industry leading file integrity monitoring and configuration management solution. 

Payment card industry data security standards specifically call for file integrity monitoring (PCI 10.5.5 and PCI 11.5) to be deployed as well as the monitoring of critical network device configurations (PCI 1.1.1)  such as those on firewalls. CimTrak not only covers these payment card industry standards but also gives you the ability to audit a large number of configuration settings against industry benchmarks and PCI data security standards.

Because seconds count when it comes to detecting change in a PCI environment, CimTrak monitors file integrity  in real-time, and notifies you immediately upon a change being detected. Further, CimTrak allows you to take immediate remediation action upon a detected change up to and including automatically restoring a file or device configuration back to its’ original state. With CimTrak, you can feel confident that your PCI environment is protected.

It is important to remember that PCI compliance should be viewed as a “snapshot” in time. Just because you are compliant at this very minute, there is no guarantee that a change will cause you to become non-compliant, or worse, allow a data breach to occur. CimTrak works to help you continuously maintain compliance once you are certified. Continuous compliance keeps bad things from happening, and bad things cost your business not only cold hard cash, but also loss of customers and reputation.

Meeting PCI-DSS Requirements 10.5.5 and 11.5 with CimTrak

While CimTrak can help your achieve compliance with a number of PCI-DSS requirements, two sections, PCI 10.5.5 and PCI 11.5 specifically call for a file integrity monitoring solution such as CimTrak to be deployed.

PCI 10.5.5: "Use file-integrity monitoring and change detection software on logs to ensure that existing log data cannot be changed without generating alerts."

PCI 11.5: "Deploy file-integrity monitoring software to alert personnel to unauthorised modification of critical system files, configuration files, or content files, and configure the software to perform critical file comparisons at least weekly."

The goal of PCI 10.5.5 and PCI 11.5 is to ensure the integrity of critical logs from the PCI environment and to ensure that changes to files do not allow a breach of PCI data.  While PCI 11.5 calls for file-integrity monitoring software such as CimTrak to look for file changes at least weekly, true integrity of your PCI environment requires much more frequent monitoring. CimTrak provides real-time file integrity monitoring (FIM) without taxing your system resources.

This allows you to exceed the minimum frequency for file-integrity monitoring called for in PCI 11.5 and give you added piece of mind that your PCI environment is secure and in a state of constant integrity.  PCI 11.5 also discusses the importance of regularly monitoring the output of your file integrity monitoring (FIM) solution. CimTrak makes it easy by providing complete reporting on changes as well as critical configurations.

Real-time IT Change Control 

Unlike other change management solutions on the market today, unauthorised changes are not simply logged in a database. CimTrak detects, quarantines and can instantly resolve mistakes or unexpected changes so that your critical business functions remain available to employees, customers, and suppliers.

CimTrak ensures the availability and integrity of your critical IT assets by instantly detecting the root-cause and responding in real-time to any unexpected changes to your applications and infrastructure. 

When a change is detected, CimTrak captures it at the exact moment it occurs and provides a detailed audit trail of the incident:

• • Where the change was made
  • When the change took place
  • Who made the change
  • How the change was made
  • What was changed
  • Was it an approved action

CimTrak’s change control and configuration management features ensures that your critical IT assets cannot be tampered with - either maliciously or inadvertently. This guarantees that your applications, databases, servers and network devices, including switches, routers and firewalls, keep running the way they are intended to, so there are no interruption in your business operations or compliance violations.