Implementing SignaCert Enterprise Trust Server

It may take you less time to see your first results than it will for you to read this page.

SignaCert ETS is a simple, plug-in appliance that installs on your network.

Once the ETS appliance is plugged in, you’re ready to begin looking at the compliance of a machine to a reference standard.

1. Load the reference standard. Start by grabbing a reference against which you want to compare: your standard build, or a manufacturers gold image. This is usually a 5 to 30 minute process depending on how many files you’re scanning, so a large file server will usually take longer than a typical web server.

2. Test your enterprise. Once you have a reference, you can compare multiple endpoints to that reference to determine your compliance. Because this is a one-to-many relationship, the testing process can be done VERY QUICKLY. You can scan a number of machines, e.g., a web server farm where all servers are supposed to be running the same software and have the same content. SignaCert ETS proves that they’re all configured the same, with the same content. You then know that all the configurations are the same as you intended them to be.

3. Repeat steps one and two, loading additional references and do more testing - it should show value immediately.

4. Manage and customize. Once ETS is running, you decide how you want to manage it. Create schedules, customize reporting, and begin to look at compliance and learn how the system is doing. You might also pursue customer training, best practices, or ask how to make this part of your standard release process of software out to production. In fact, you can get more value when it’s part of the release process. It’s important to note that SignaCert does not change the release process.

A little philosophy: Two ways to think about files

SignaCert's Enterprise Trust Server (ETS) fulfills a range of customer needs: proving an exact match and software identification.

Exact match
SignaCert enables you to determine if devices match a specified reference, proving that they are deployed as you intended. If an exact match isn't found, ETS will provide a detailed list of any deviations. SignaCert proves an exact match by:

  • Characterizing the standard build and publishing to the independent server on the ETS
  • Measuring production devices and comparing them to the standard build stored on the ETS
  • Providing detailed information about any deviations from the standard build (if they are not identical)
Benefits of proving an exact match

  • Improve system stability and availability
  • Identify deviations early, allowing fast remediation
Software Identification
ETS provides references for identifying files (by product, version, vendor, etc.) across the enterprise This allows customers to prove that the correct version of software has been deployed and or to provide a positive identification of unknown software by:
  • Measuring production devices and comparing them to software references stored on the ETS
  • Providing reports detailing information about product name, version, vendor, and more
Benefits of Software ID
  • Prove only authorized software is deployed across the enterprise
  • Identify prohibited or otherwise unauthorized software
  • Know what software is deployed where