Many people are uncertain of the meaning of the term Configuration Management. This paper will clarify the term configuration as applied to computer used in support of core business and answer the question of how it can but used along with a firewall to provide total system security. The proliferation of new computer-based products with attractive marketing makes the choice of business-support hardware and software difficult. Attempts to integrate packages without due regard to the existing system can lead to difficulties.

There is a widespread recognition of the need for effective management of any computer system that supports a business function, but even amongst the technocrats of the computer world there is uncertainty and suspicion about the term configuration management (CM). The term configuration is used to refer to all parts of a computer system: hardware, software, application packages, bespoke software, operating system(s) software, in-house developed and maintained software, on-screen help files and documentation manuals, working practices, communication interfaces, LANs, WANs, and all peripherals. Many computer systems supporting a commercial concern will be undergoing

------------------------------------------------------------------------

ers for which telnet would otherwise have to be disabled, and frequently audited. With a simple firewall rule against telnet, it becomes much less critical to ensure that telnet is disabled everywhere. The same is true of services like network file systems (NFS) that are useful within enterprises but much too dangerous (because of protocol-level vulnerabilities) to share with others over the Internet. By blocking NFS traffic from the Internet, internal systems are free to use NFS without having to ensure that every system tries to reject NFS communication from the outside. Every measure, even these good tradeoffs where modest effort saves lots of effort that would otherwise be required, are part of complex systems where every change can have unexpected side effects.

to be added, existing software to be upgraded, etc. Configuration management provides assurance that additions, deletions, or changes made to the TCB do not compromise the trust of the originally evaluated system.

An example is where it is easy to block NFS by blocking all Internet-based traffic using UDP (the transport protocol underlying NFS). This once was typical because of common security issues of all UDP-based protocols. However, some UDP-based protocols are permitted, especially ones with relatively

Some common words found in the essay are:
LANs WANs, Internet Corporations, Configuration Management, RealAudio NFS, Management Firewalls, configuration management, term configuration, port usage, term configuration management, configuration control, udp-based protocols, changes tcb, hardware software, operating systems, computer system, total system,
Approximate Word count = 919
Approximate Pages = 4 (250 words per page double spaced)