
Continuous Compliance

Solution Overview
WWT created a framework to support a multi-vendor approach for organizations to thwart security threats. Our Continuous Compliance Solution supports several popular use cases that include user and endpoint validation and automated endpoint remediation. The Continuous Compliance framework is fueled by seamless integration and automation techniques that reduce costs and decrease the time to respond to network vulnerabilities. Additionally, this framework improves the efficiency of security compliance controls that are managed by security analysts. 

Our framework is modular and can adapt to a range of customer environments. Robust technologies from Cisco and Splunk are its primary components. Additional technologies that are typically leveraged in operational environments include Tanium, Microsoft (MS) Active Directory, MS Exchange, Nessus and ITPIE. Many of these technologies can be interchanged to support the same compliance functions.

The Continuous Compliance environment lives in a VMware vCenter cluster in the ATC. It is completely routed by the ATC core and has a custom connection to a physical network adapter. The adapter allows the team to connect a physical Cisco Layer 2 switch that provides 802.1X authentication to three Intel Next Unit of Computing (NUC) devices that act as endpoint computers.

Goals & Objectives

The Continuous Compliance Lab lets us put our integration and automation expertise into practice and features the following:

  1.  User, network and endpoint validation
  2.  Endpoint visibility and remediation 

Hardware & Software

Software 
  • Tanium 
  • CylanceOPTICS
  • CylancePROTECT 
  • Tenable.sc 
  • Phantom 
  • Demisto 
  • Cisco ISE 
  • Forescout 
  • JIRA 
  • IT-PIE 
  • Splunk 
  • MS Exchange 
 
Hardware 
Server Devices 
  • 6x Generic Servers (Windows Server 2016) 
  • 1x virtual Cisco ASA (Red Hat Linux 7)
  • 1x Exchange Server (Windows Server 2016) 
  • 1x Generic Server (Windows Server 2012) 
  • 6x Cisco ISE PANs (Red Hat Enterprise Linux 7) 
  • 3x Cisco ISE PSNs (Red Hat Enterprise Linux 7) 
  • 1x Windows Jump Box (Windows Server 2016) 
  • 11x Generic Servers (CentOS 7) 
  • 2x Generic Servers (Ubuntu) 
  • 5x Generic Servers (Linux 2.6x) 
  • 1x Generic Server (Red Hat Linux 6) 
  • 1x Generic Server (CentOS 4/5)
 
Client Side 
  • 15x Generic Clients (Windows 10 Enterprise) 
  • 1x Attack Host (Kali Linux 2018) 
 
Additional Hardware 
  • Cisco 3850 Switch
  • 3x Intel NUCs 

Technologies