Panaseer Platform

Panaseer is a Continuous Controls Monitoring platform for enterprise security. We help stakeholders to make informed, risk-based security decisions.

The Panaseer Platform shows you every asset, application, user and database across your IT estate in real-time. This identifies gaps in controls coverage, aligns security with framework standards and substantiates regulatory compliance.

On this page

Release history

Last updated: January 2020

Overview of Panaseer Platform

About the Panaseer Platform-Archer integration

Panaseer has developed an integrated solution with Archer for Automated Controls Assessment & Assurance. Combining Panaseer’s extensive data connector catalog and scalable data platform, Panaseer can integrate directly with the control systems to collect data to generate complete device inventories and compute metrics that measure control deployment and control performance. These device inventories and metrics are automatically fed into Archer for continuous controls assessment.

Key features and benefits

Traditionally, Archer functions have relied on manual, human-driven approaches to self-assess and assure that controls are deployed and implemented correctly.

The automated and data-driven approach leads to numerous benefits:

  • Reduced Costs – Through automation, large teams doing manual assessments are no longer required.

  • Improved Accuracy – Through data, the assessments are based on facts, rather than people’s opinions.

  • Complete Assessments – No need for sampling as you can automatically test every control instance without requiring a large team.

  • Continuous Assessments – Have a consistently up-to-date view of your control deployment, not the view from 3 months ago when you last did an assessment.

Requirements

Components

Requirement

Archer Solution

Archer Enterprise & Operational Risk Management

Archer IT & Security Risk Management

Archer Use Case

Archer Key Indicator Management

Archer IT Controls Assurance

Archer Applications

Devices

Metrics

Metric Results

Requires On-Demand License

No

Integration architecture

The following diagram provides an overview of how the data flows between the Panaseer Platform and Archer:

The Panaseer Platform will export Devices and Metrics Results data via an internal network location on a regular basis, with an update frequency to be determined and configured by the user.

The integration provides two Data Feeds based on a File Transporter to consume and ingest data produced by Panaseer into the relevant Device and Metrics Results applications.

Additional resources

The following additional resources are available for this application:

Configuring the integration

This section provides instructions for integrating the Panaseer Platform with Archer. This document is not intended to suggest optimum installations or configurations. 

It is assumed that the reader has both working knowledge of all products involved, and the requisite system privileges to perform the tasks outlined in this section. Administrators should have access to the product documentation for both products in order to install the required components.

All Panaseer Platform components must be installed and working prior to the integration. Perform the necessary tests to confirm that this is true before proceeding. 

Important: The integration described in this guide is being provided as a reference implementation for evaluation and testing purposes.  It may or may not meet the needs and use cases for your organization.  If additional customizations or enhancements are needed, it is recommended that customers contact Archer Help for assistance.

Configure Panaseer Platform

Task 1: Install Panaseer CSV Exporter connector

  1. Use your browser to access to NiFi console in the Panaseer Platform using the URL provided by your Panaseer Platform Administrator.

  2. On the main canvas:

    1. Drag the Template icon in the top bar menu and drop into the canvas.

    2. Select Panaseer CSV Exporter from the menu.

    3. Click Add.

Task 2: Schedule the frequency for the exporter

  1. Right click on the Schedule component of the Panaseer CSV Exporter and click on Configure.

    1. On Scheduling Strategy select CRON driven.

    2. On Run Schedule enter a valid CRON expression defining the frequency the exporter should generate new data.

      Note: NiFi uses Quartz format to define CRON expressions instead of UNIX format so keep this in mind when defining your expression. CronMaker is an online utility that can help to define a valid CRON expression for NiFi.

  2. Right click on the Schedule component and click Start to finish the Setup.

Note: To test and validate that the configuration is correct, the Panaseer CSV Exporter can be triggered manually, and moved to the “scheduled mode” once it has been verified.

Configure Archer

Task 1: Add fields to the devices application

  1. Navigate to the applications manager by clicking and selecting Applications under the Application Builder category.

  2. On the list of applications click on Devices and select the Fields tab:

    1. Click on Add New to create the Panaseer Device ID field.

    2. Create a new field from scratch of type Text (leave Advanced and System settings empty).

    3. Click OK to configure the new field as following:

      1. General tab – General Information:

        • Name: Panaseer Device ID

        • Description: The unique ID created and used by Panaseer for the Device

      2. Options tab – Options section check the following:

        • Auditing Information

        • Search Results

  1. Click save and drag the Panaseer Device ID field into the application layout.

  2. Save the changes.

Task 2: Add fields to the metrics application

  1. Navigate to the application manager by clicking and selecting Applications under the Application Builder category.

  2. On the list of applications click on Metrics and select the Layouts tab.

  3. Select the Default Layout then click on the Designer tab:

    1. Click on Add New Field and Text type to create the Panaseer Metric ID field.

    2. Configure the new field as follow:

      1. General tab - General Information:

        • Name: Panaseer Metric ID

        • Description: The unique ID created and used by Panaseer for the Metric

      2. Options tab – Options check the following:

        • Search Results

    3. Drag the Panaseer Metric ID field form the list of Available Fields into the layout and add it to the General Information section.

  1. Save the changes.

Task 3: Setup the Panaseer device inventory data feed

  1. Navigate to the Data Feeds Manager by clicking and selecting Data Feeds under the Integrations category.

  2. In the Data Feeds Manager section, click Import:

    1. Select the Panaseer_Device_Inventory.dfx5 file included in the Data Feeds Package

    2. Click Open

  3. Configure Panaseer Device Inventory Data Feed as follow:

    1. General tab:

      1. Set the Status to Active

    2. Transport tab:

      1. Edit the Path in the Transport Configuration section to amend the UNC Path with the hostname provided by the Administrator of your Panaseer instance. Example: C:\Users\Administrator\Documents\device_inventory.csv

    3. Schedule tab:

      1. Amend the Recurrences section to specify how often the Data Feed should run. The recommended frequency is Daily, but it might depend on your organization’s needs. If you have to increase the frequency of the Data Feed contact your Panaseer Administrator to schedule the source of data to be updated with the similar frequency.

Important: Panaseer Device Inventory data feed is configured to match on the Panaseer Device ID field. This means that Panaseer Device data feed will create new records (if no matches exist) and update records previously created by the Panaseer data feed.

If the Devices application already contains a record for this device, the Panaseer data feed will duplicate the existing entries on its default configuration. To avoid this duplication, the Key Field Definition must be configured to match on a set of fields that uniquely identify a device. Such as the Host Name, MAC Address, and Serial Number.

Task 4: Setup the Panaseer metrics results inventory data feed

  1. Navigate to the Data Feeds Manager by clicking and selecting Data Feeds under the Integrations category.

  2. In the Data Feeds Manager section, click Import:

    1. Select the Panaseer_Metrics_Results.dfx5file included in the Data Feeds Package

    2. Click Open

  3. Configure Panaseer Metrics Results Data Feed as follow:

    1. General tab:

      1. Set the Status to Active

    2. Transport tab:

      1. Edit the Path in the Transport Configuration section to amend the UNC Path with the hostname provided by the Administrator of your Panaseer instance. Example: C:\Users\Administrator\Documents\metrics.csv

    3. Schedule tab:

      1. Amend the Recurrences section to specify how often the Data Feed should run. The recommended frequency is Daily, but it might depend on your organization needs, if you had to increase the frequency of the Data Feed contact with you Panaseer Administrator to schedule their availability at a similar pace.

Note: Follow Chapter 3, task 2 to create the respective Metrics records before running the Metrics Results data feed. The Metrics Results data feed will error until the respective Metrics have been added in Archer application and linked to an existing Panaseer Metric using the Panaseer Metric ID.****

Using the Panaseer Platform integration

In order to use the Metrics Result data feed and automate the gathering of results for metrics in Archer, the metrics must be linked to a Panaseer Metric ID.

At the time of writing, Panaseer supports more than 100 metrics than can be fed into Archer using the same Data Feed.

Contact a Panaseer representative to provide you with the latest catalog of metrics, and to make them available in the Data Feed.

Task 1: Configure the list of metrics

  1. In the shared location provided by Panaseer, create a file with the name “metrics-list.txt” and add a valid Panaseer Metric ID per line.

  2. Save the file.

  3. Panaseer CSV Exporter will read the set of metric IDs from that “metrics-list.txt” file in the shared location and use them the generate a feed of date from Panaseer Platform to be consumed by the Panaseer Metrics Data Feed in Archer.

Task 2: Define a new metric

  1. In your Archer instance, click the drop-down next to the Operation Risk Management Workspace and select the Metrics application under the Key Indicator Management solution.

  2. Click the New to create a new Metrics record.

    1. Populate all required fields in the General Information section. Ensure the Panaseer Metrics ID field is populated with a valid identifier provided by Panaseer

    2. Define the desired threshold values for the Metric in the Threshold Monitoring section

  3. Click Save

  4. You should see the record you just created in the search results. This record will be used to sync data through the Panaseer Metric Results Data Feed.

Task 3: Test the integration

Once the configuration is complete, we will perform a manual test of the data feeds by following the steps below:

  1. Navigate to the Data Feeds Manager by clicking and selecting Data Feeds under the Integrations category.

  2. From the Data Feeds Manager, select Panaseer Metrics Results from the list of data feeds

    1. On the General tab, set the Status of the data feed to Active if it wasn’t already.

    2. On the Schedule tab, click Start to run the data feed.

    3. Ensure there were no errors by reviewing the Run Detail information

  3. Repeat step 2 for the Panaseer Device Inventory data feed.

Metrics records should now be populated with values obtained from the Panaseer data feeds. Device records should also be updated with information from Panaseer

Certification environment

Date Tested: January 2020

Product Name

Version Information

Operating System

Archer

6.7

Windows Server 2019 Datacenter

Panaseer Platform

All

Unix