In an effort to demystify PI security and help our customers assess the security posture of their systems, we’ve developed a tool to help baseline the security configuration of PI System components in the form of a PowerShell module. The tool performs validation checks for the machine, PI Data Archive, PI AF Server, SQL Server and PI Coresight, indicating areas where the security configuration is out of compliance with best practices, and providing actionable information to address the issue.
If this is sounding familiar, then you have probably seen the announcement for first iteration of this tool on PI Square (OSIsoft Community at the time) or when it was debuted at vCampusLive! 2013. You may be wondering: what are we doing differently this time around?
For this iteration, we’ve taken the solid framework provided by the original version and enhanced the tool with updates, including:
- Improved User Experience: a detail report with recommendations for all issues identified during the audit (see attached examples)
- Enhanced Capabilities: new validations added to several modules based on best practices
- Expanded Scope: a new module has been added with validation checks for PI Coresight
- General Improvements: bug fixes and enhancements to the infrastructure
- Digital Signature: the module is signed to give confidence the scripts have not been altered
Although we’re excited about the improvements to the tool itself, we’re most excited that the tool is now available on GitHub, allowing for continuous improvement, structured feedback and transparent updates.
So, without further ado, please check out the new PI Security Audit Tools repository on the OSIsoft space on GitHub. There you will find the tool and Wiki with documentation/tutorials for users and contributors alike. We’d love to get your feedback as a user or your contributions if you’re interested in developing the tool further along with us!
PI Security Audit Tools Team
Harry Paul Harry Paul
Lubos Mlcoch Lubos Mlcoch
Vincent Kaufman Vincent Kaufmann
James Dryden James Dryden
Ricky Sun Ricky Sun
Update: for those interested in contributing to the project, Anna Perry put together an introductory video PI Security Audit Tools: How to contribute improvements using Visual Studio
Update 2: made updates to the PI Security Audit Tools team roster.