What is VASGARD/IAN?
The only scalable platform to integrate and map security and compliance data into a single point of truth.
VASGARD/IAN integrates all information security and compliance-relevant data and generates an up-to-date picture of the company’s IT impact chains. The Platform is highly adaptable and scalable to meet ever-changing reporting requirements. It also significantly reduces the costs and time associated with legacy security tools and growing compliance requirements.
The platform ensures traceability across all levels of information security management. Existing systems, processes and documents are made usable in an interdisciplinary and cross-departmental manner – from the default document to vulnerability management. With the flexible architecture, no information and therefore no risk remains undiscovered.
Advantages at a glance
General transparency
VASGARD/IAN enables the correlation and evaluation of security-related information. The platform helps identify compliance and security goals and translates these goals into measurable and defined rules for operations.
Bidirectional information flow
VASGARD/IAN enables the integration of existing solutions and inventory systems as data providers. Due to the bidirectional communication of the connectors, all information from VASGARD/IAN is returned to the inventory systems.
Protected investments
VASGARD/IAN leverages the asset and status information of individual business units and systems that is already available but incompatible in conventional architectures. This protects and enhances investments sustainably.
Efficient risk management
VASGARD/IAN identifies and documents vulnerabilities and risks. In addition, the progress made in implementing measures is made transparent.
Continuous alignment
VASGARD/IAN continuously aligns systems in operation with currently known vulnerabilities and compares system settings with defined defaults. This reduces vulnerability to attacks and operational risk.
Comprehensive user group
VASGARD/IAN supports employees in compliance departments, in ITSM and ISM operations as well as in classic auditing and outsourcing. This makes cross-organizational collaboration and provider management much more efficient.
Selection of supported standards
- DORA
- NIS2
- GDPR
- IT-Grundschutz
- MaRisk
- BSI C5
- ISO 27001
- ISO 27019
- ISO 22301
- COBIT 5.0
- BDSG
- Landesbankvorgabenkatalog
VASGARD/IAN transforms compliance and security-related tasks with a revolutionary architecture.
VASGARD/IAN integrates any type of data source without requiring excessive interface development. The platform automatically collects and normalizes asset information and provides critical information from disparate data sources for operational and strategic business decisions. In this way, VASGARD/IAN enables users to access the information they need.
Why do you need the VASGARD/IAN?
VASGARD/IAN detects the intersecting data streams and ensures that you act, not react. This significantly reduces your effort for audits, assessments, change, compliance, incident and risk management.
Visualization
Display information network
Use the collected data and graphically display interrelationships of your assets with templates to view the current status of the information network (impact chain, structural analysis).
- Create comprehensive overviews with just one click
- Save created overviews, share them or use them in reports
- Display of assets can be extended according to your own needs
- Layout and style of visualization individually customizable
The VASGARD/IAN platform supports
- Maintenance of complex impact chains in real time
- Assigning the level of protection based on business impact and protection needs
- Identification and management of IT-related risks
- Need for urgent security-related patches
- Organizational silos to improve IT security while reducing costs and increasing productivity
- Regulatory compliance reporting based on aggregated data
- Handling and managing outsourced (cloud) services
Software-as-a-Service (SaaS)
We offer VASGARD/IAN as a web-based solution and ensure its operation.
Operation takes place in an ISO 27001 certified data center in Germany. All data is processed and stored exclusively in Germany.
On-Premise Hosting
We offer the VASGARD/IAN platform as an appliance for your infrastructure.
VASGARD/IAN Architecture
The VASGARD/IAN platform consists of the core (core program), the CCDB (database) and the installed apps (solutions) of the client. It uses a bidirectional VASGARD/IAN Integration Bus (VIB) in conjunction with the respective required VASGARD/IAN Integration Connectors (VIC).
Download VASGARD/IAN architecture as PDF.
VASGARD/IAN Apps
AWM
Application Management
ABM
Deviation Management
PLM
Product Lifecycle Management
BKM
Authorization Concept Management
FWR
Firewall Recertification
Frequently asked questions about the VASGARD/IAN
VASGARD/IAN can currently map up to 99 clients in the system.
In addition to the multi-client capability, which enables encapsulated data storage and processing as well as selective data transfer between clients, the system has a rights and roles system that is broken down to the last attribute.
User administration (authentication and authorization) can be connected directly via Microsoft AD Connect or LDAP in most use cases. In addition, the platform provides support for multi-factor authentication (MFA), which can be activated user-specifically according to the customer’s specifications.
The master data transfer of employee identities also creates the basis for targeted information and workflow support (notification by e-mail), which plays a central role in outsourcing management for controlling processes.
In VASGARD/IAN, customized reports can be created and independently adapted using an integrated reporting engine.
All data can be exported as PDF, Excel or CSV using the standard export function.
Connection to existing systems is possible via connectors (VICs). If no documented APIs are available for the inventory systems or for querying data, the import/export of file-based data can be used. VASGARD/IAN provides standard VICs for csv and xls files for this purpose.
Outsourcing management is mapped in the platform as a separate Central Outsourcing Management (ZAM) app, which can be operated independently of all other apps. The basic prerequisite for implementation is the existence of the CI classes addressed by the ZAM app, which are included in the standard version of the platform. Customer-specific adaptations, in particular of outsourcing questionnaires and evaluation logic, are a basic component of the ZAM app and the VASGARD/IAN implementation process.
The workflows and content changes (5-year period) can be traced at any time for a revision. If, for example, customer-specific adjustments need to be made to standard workflows in the Central Outsourcing Management (ZAM) app, these can be adapted in the form of an updated process image in the documents.
All changes to data in the platform are recorded directly and saved on the asset in a version history. This ensures that the recording of changes is fundamentally audit-proof and traceable. It is irrelevant whether the changes were initiated by dialog users or by background processes via interfaces.
VASGARD/IAN includes an archive function integrated into the system. This makes it possible to search through archived data and restore objects. For archiving data in customer systems, automated exports of data can be derived, which can then be processed by the customer’s archiving system.
VASGARD/IAN has a complex role-based access control (RBAC) for each app and the entire platform. Roles and rights can be customized according to customer requirements or transferred from AD/LDAP groups.
German and English are supported as standard. The desired language can be set in the basic settings of the respective user. Other languages are available on request.
CCDB is the term used for the Compliance Configuration Database. The database consolidates all information about the current compliance and security status of relevant assets, i.e., assets involved in an IT value chain.
A VIC is a VASGARD/IAN Integration Connector. A major disadvantage of conventional IT security systems are incompatible interfaces for data transfer between systems. To overcome this disadvantage, VICs have been developed. With the VASGARD/IAN Integration Connectors, different systems can be connected to the VASGARD/IAN.
A VIB (VASGARD/IAN Integration Bus) is a central component of the VASGARD/IAN architecture. It enables secure, bidirectional data exchange between the integration connectors (VICs) and the platform’s system modules. This integrates various data sources and brings together information from different IT systems in a compatible manner to provide an up-to-date picture of the IT security and compliance situation.