Configuration Monitoring

configuration management processes ensure all network appliances are in a known state
- configuration states:
  - baseline or golden configuration
    - template for the state that a given device should be in
  - production configuration
    - current actual configuration state of the device
    - includes running config and startup config
  - backup configuration
    - a point-in-time copy of a running or startup configuration

A configuration monitor generates logs, alerts, or alarms when there is a change to a device’s production configuration.

some tools can identify line-by-line differences between production and baseline configs

Microsoft Baseline Security Analyzer (MBSA)

Microsoft Baseline Security Analyzer (MBSA) is a tool provided by Microsoft that can identify installed or missing patches as well as common security misconfigurations.

run with administrative rights
provides more detailed information about specific patches that are installed
- better than nmap or Nessus

adam's notes

Table of Contents

Configuration Monitoring

Microsoft Baseline Security Analyzer (MBSA)

Graph View

Backlinks