Latest Version of NetIQ Change Guardian Improves Journey to Zero Trust

by in CyberRes

The latest release of NetIQ Change Guardian is now available. The release includes improved capabilities to centrally manage group policies, centrally manage agents, and the ability to centralize module license management. A notable benefit is the addition of risk scoring capabilities that leverage Center for Internet Security benchmarks that can help an organization’s Zero Trust Architecture approach. 

Latest Version of NetIQ Change Guardian Improves Journey to Zero TrustNetIQ Identity and Access Management solutions are foundational when it comes to a layered and integrated approach for defending critical resources and sensitive data. Our Zero Trust Architecture principles are aligned to the National Institute of Standards and Technology (NIST) organization. This is why our solutions are capable of delivering cyber resilience to our customers so they can have confidence in their security posture. 

How NetIQ Change Guardian helps achieve a zero trust strategy in your enterprise 

Today, most organizations are looking for proven approaches to solving ways to better manage their security posture using the tenants of the NIST Zero Trust Architecture approach. In this recent blog, NIST Zero Trust Publication 800-207, my colleague delves into how NetIQ identity and access management solutions map to the NIST Zero Trust tenants. 

For this blog post, we’re going to focus on Zero Trust Architecture recommendations from NIST that relate to how NetIQ Change Guardian can support your Zero Trust strategy. NetIQ Change Guardian delivers the ability to centrally monitor critical files, systems, and applications in real-time across hybrid environments for potential threats related to least privilege access and policy misconfigurations. Examples include, monitoring and auditing access changes, access creep, orphaned user accounts, failed logins, password resets, or configuration drift. NetIQ Change Guardian then collects the information it monitors and serves it via an easy-to-view dashboard that delivers the ability to help audit and IT teams get the control and visibility needed to rapidly detect and disrupt threats that could negatively impact the confidentiality, integrity, and availability of your organization’s critical assets. 

According to NIST, Zero Trust Architecture is defined as follows:

“Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defences from static, network-based perimeters to focus on users, assets, and resources. A zero trust architecture (ZTA) uses zero trust principles to plan industrial and enterprise infrastructure and workflows. Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location (i.e., local area networks versus the internet) or based on asset ownership (enterprise or personally owned)."

When it comes to mapping NetIQ Change Guardian capabilities to the tenants of the NIST Zero Trust Architecture, check out tenants #4 and #5 for more knowledge. From a high level, here are the key excerpts from NIST that best fit how the latest update to NetIQ Change Guardian can help your Zero Trust Architecture journey: 

"Access to resources is determined by dynamic policy—including the observable state of client identity, application/service, and the requesting asset—and may include other behavioural and environmental attributes."  

"The enterprise monitors and measures the integrity and security posture of all owned and associated assets." 

"The enterprise evaluates the security posture of the asset when evaluating a resource request. An enterprise implementing a ZTA should establish a continuous diagnostics and mitigation (CDM) or similar system to monitor the state of devices and applications and should apply patches/fixes as needed." 

"Overall, enterprises need to develop and maintain dynamic risk-based policies for resource access and set up a system to ensure that these policies are enforced correctly and consistently for individual resource access requests."                      

Latest updates to NetIQ Change Guardian 

The latest version of NetIQ Change Guardian supports the above Zero Trust tenants from NIST. Here’s a rundown of the specifics in release 6.2: 

Compliance risk scoring 

  • Added capability to identify the risk associated with configuration change
  • Quickly identify changes that drift away the environment using a centralized console
  • Reporting capability for auditing 

Centralized policy management  

  • Assign policy and policy sets to agents and agent groups
  • Assign compliance-based policy to agents to more quickly identify configuration changes
  • Visualize the policies assigned to agents or agent groups from a central location for auditing purpose 

Centralized agent management  

  • Manage agents, agent groups and health notifications from a central location 

Centralized license management for modules   

  • Manage module licenses centrally
  • Quickly identify what is about to expire and what is expired
  • Quickly request license renewal

Where to get the latest version of NetIQ Change Guardian

For potential customers:

For existing customers:

The release notes for this version are available from MySupport

If you have an active support subscription for NetIQ Change Guardian, you can download the latest version from Software Licenses and Downloads Portal. 

Our goal is to provide you with clear visibility into the support timeline of software products, enabling you to use this information to plan, test, and deploy new product versions. For more information, check our Product Support Lifecycle pages

Additional resources 

I highly recommend the following knowledge resources from my colleagues to demonstrate our advocacy for NIST and suggestions for building a cyber resilient culture in your organization based on NIST Zero Trust Architecture. 

About NetIQ

NetIQ provides security solutions that help organizations with workforce and consumer identity and access management at enterprisescale. By providing secure access, effective governance, scalable automation, and actionable insight, NetIQ customers can achieve greater confidence in their IT security posture across cloud, mobile, and data platforms.

Visit the NetIQ homepage to learn more. Watch video demos on our NetIQ Unplugged YouTube channel.

Join our Community |NetIQ Change Guardian User Discussion Forum | Tips & Info | Change Guardian Idea Exchange


Identity & Access Mgmt