Version 4 of 360 GRC ConfigScan was released on 01.01.10. This version includes thousands of audit checks across thirteen of the major compliance laws, governance frameworks and industry best-practices. ConfigScan currently boasts over 550 devices across Cisco IOS 10.x to present.
ConfigScan is updated quarterly with new features. Additionally, any changes in the supported laws are released as they are mapped. Currently, the development team is expanding:
- The number of devices supported
- The number of vendors supported
- The number of checks supported
- The types of devices supported
All, of course, without the need to configure templates or to know the configuration mappings. The product was designed to be implemented within 30 minutes -without the need for technical network knowledge or support.
ROI Model to compute current costs
One of the first questions we receive is looking for an ROI model. We have 'developed' the model below. This ROI is easily demonstrated - unlike many ROI models that claim millions of dollars of loss for 1 minute of downtime. Many of these ROI models make assumptions; the 360 GRC model is exactly as seen below.
- Determine the number of devices to be tested (perform two ways - the sample size and the total devices) (N) *Ensure that this captures the entire year -not just one test cycle.
- Determine the duration to audit each device (T)
- Determine the cost of the auditor (either internal or external) (C)
- G is the grand total spend
- Multiply these numbers together to get the current spend: (N*T)C=G
An example
Company A:
Total 1000 devices.
Sample size is 250 per year.
Each device takes about eight (8) hours to review the configuration code and four (4) hours of report writing to document the issue and to determine a resolution.
Due to shortage in staff, the audit is outsourced. The cost of the external auditor is ~$250/hr
To determine the costs, we use the formula:
N=250 (and 1000)
T=12/per unit
C=$250/hr
(250*12)250=$300,000 - For the entire inventory, (1000*12)250=$3,000,000
Below is the chart to determine the customer size. The numbers are based on an average spend across sectors. A company in the financial services space may spend much more money than a company in the retail business.
| Customer Averages |
| Criteria |
Small sized customer |
Medium sized customer |
Large customers |
Carrier class customers |
| # of employees |
0 to 150 |
150 to 500 |
501 to 1000 |
1000+ |
| # of network devices |
0 to 50 |
51 to 500 |
501 to 5000 |
5001+ |
| Network vendor |
Cisco |
Cisco |
Cisco |
Cisco |
| Network budget |
<$1m |
$1m to $10m |
$5m to $50m+ |
$50m+ |
| Network team size |
Outsourced |
5 to 20 engineers |
NOC services |
Multiple NOC sites |
| Market sector |
Any |
Any |
Any |
Any |
| Customer location |
< 5 locations |
Within the US |
Global presence |
Global presence |
| Regulatory compliance |
Cisco Security Baseline, Regulatory compliance |
Cisco Security Baseline, Regulatory compliance |
Cisco Security Baseline, Regulatory compliance |
Cisco Security Baseline, Regulatory compliance |
