COMPANY
ABOUT CFENGINE
WHAT IS CFENGINE?
PEOPLE
PARTNERS
USER REFERENCES
CONTACT US
HISTORY OF CFENGINE
ABHORING PATENTS
JOB OPPORTUNITIES
PRODUCTS
CFENGINE NOVA
ORION CLOUD PACK
DEMO VIDEOS
CFENGINE COMMUNITY
LICENSE OFFERS
LICENSE FOR CONSULTANTS
FAQ
SUPPORT
REGISTER A TICKET
SUPPORT SERVICES
TRAINING
CONSULTANCY
THE ENGINE ROOM
VISION
>EXAMPLES
USE CASES
GREEN IT
COMPLIANCE
SERVER LIFE-CYCLE
WHITE PAPERS
NEWSROOM
CFENGINE NEWS
CFENGINE IN THE MEDIA
PRESS RELEASES
CFTIMES
RSS FEEDS


Some Cfengine Users

THE FRAMEWORK - MISSION CASES

Cfengine is the most extensive framework for server self-repair
you will find. Below you will find a few examples of how its power can
be harnessed to transform your environment.

1. Automate and secure your passwords

For system administrators who are responsible for password management Cfengine provides a universal password management solution suitable for SOX or SAS-70 compliance. Forget about managing root passwords manually or with custom scripts, Cfengine's generic capabilities and unlimited scaling save system administration time and always yield compliance with policy, granting limited access to sensitive information on a need to know basis.

Why?

Good password management requires periodic change of passwords. In complex infrastructures passwords must be coordinated between groups of related machines. Using scripts or other push-based solutions is risky and can fail when target hosts are offline. Changing password manually is impractical and the risk for error increases with every human interaction. Everyone with ambitions of ITIL, SOX or SAS70 compliance should use an automation solution like Cfengine.

How Cfengine works

Cfengine is a pull-based solution based on the concept of voluntary cooperation. Each and every server makes sure it is compliant with site policy settings independently. Set the frequency for password change as you like, define groups of passwords according to roles or classes. Cfengine then promises compliance with these settings. Reports are available to document and verify the compliance. Cfengine offers true automation of decentralized password management - it saves you time and improves your system security.

Benefits of using Cfengine:

  • Saves time
  • Increases security
  • Complies with SOX, SAS70
  • Set passwords based on authorization-levels
  • Set passwords based on roles
  • Set change frequency
  • Unlimited number of machines

2. Automate your deployments

For system administrators responsible for installing and configuring new servers and client machines, Cfengine provides zero-touch installation over open network protocols like PXE boot - no proprietary closed standards. Through its automation tools Cfengine can guarantee a low cost, secure and standardized way of setting up any flavour of machine and service.

Why?

System installation and configuration are time-consuming tasks with many possible points of failure. Even with the intention to standardize, manual installations often result in non-standard results due to human factors. Troubleshooting manually, system-administrators first have to check what is currently installed and configured on the machine before starting the diagnostics. With Cfengine, you always know what to expect in advance, the intentions are always clear in the policy, and you almost never need to do anything by hand.

How Cfengine works

Cfengine offers powerful policy-based automation for transforming bare computers into working appliances. Simply power-on an empty machine, have it boot from the network and Cfengine will take care of the rest. Cfengine works cooperatively with operating system installation standards, adding necessary packages and starting required services to ensure that all promises are kept. Want to turn a webserver into a DNS-server or a file-server, this can easily be accomplished hands-free using Cfengine. Using Cfengine is the fastest and most secure way to deploy new machines, maintain and evolve them over time. Cfengine documents intentions and all changes may be logged for compliance with company and regulatory requirements.

Benefits of using Cfengine:

  • Saves time
  • Increases security
  • Install any operating system
  • Install any service
  • Standardize deployments
  • Document configuration changes over time
  • Plug'n play solution

3. Cfengine and Virtualization

For operating environments that want to utilize computer resources more flexibly through virtualization, Cfengine offers an effective way of automating the virtual environment. Cfengine can deploy and retire virtual machines quickly and reliably on demand, bring their internals to policy specification and ensure that key services are running for the lifetime of the system.

Why?

Virtualization has now been embraced as the tool of choice by organizations the world over to achieve more flexible task separation and more efficient resource utilization. However, virtualization brings with it all the same problems as before, scaled up to an even greater number. Manual configuration is out of the question. Deployment is vulnerable to manual change just as with physical machines. Virtualization management software can get a virtual host up and running quickly, but it does nothing to help with customization and configuration.

How Cfengine works

Cfengine works both on the hosting platform and on its virtual clients, so it can be used to automate all layers of the virtual environment. Adding and removing systems on the fly becomes easy and individual systems can be morphed to run any kind of network service. Cfengine can control the relevant processes and define thresholds for reactive behaviour, thereby improving efficiency and play a key role in a datacentre's total power saving strategy. If a process or service crashes, Cfengine restarts it within minutes, ensuring compliance with vital Service Level Agreements.

Benefits of using Cfengine:

  • Add/remove systems on the fly
  • Start/stop processes
  • Threshold based events
  • Resource improvements
  • Automatic configure any system
  • Increase security
  • Standardization

4. Automated Change Management

Compliance with standards and regulations is the new reality in IT management. The flora includes SAS70, SOX, EURO-SOX and de-facto policies like ITIL and ISO17799. Cfengine offers automation to handle policy implementation and change management. Cfengine handles compliance of files and their contents as well as also processes and databases.

Why?

Change management is a business-critical aspect of datacenter operations and a pre-requisite for a variety of standardization regulations. Traditionally change management refers to changes in files and their contents; changes are tracked and then reported for manual control and verification. To obtain a high level of security, change management must be automated. Cfengine is not only a file-"diff" detector but a complete maintenance system, offering full repair of files, processes, and databases.

How Cfengine works

Changes could indicate hacker-attacks, poor work practices or even bugs in software. No one can sit back and assume that only authorized changes occur in the datacenter. Cfengine makes no such assumptions. If a process runs amok, consuming memory or rapidly spawning child-processes, Cfengine can terminate the offending process(es) or restart the entire sub-system. If a process fails, it can be restarted. Cfengine can help service providers meet SLAs by translating specific SLA terms into automatable policies that Cfengine can police. Version control of changes represents another important part of change management. Cfengine can make sure the right version of a software package or application is installed and running, that patches are installed and up to date.

Benefits of using Cfengine:

  • Detect file, content and process change
  • Control file integrity
  • Report all kinds of changes
  • Automatic comply to defined policy
  • Increased chance for SLA compliance
  • Always have latest security patch installed
  • Always have the right version of the software running
  • Start, stop, restart processes