FireScope Secure Discovery and Dependency Mapping (SDDM)
The FireScope Secure Discovery & Dependency Mapping (SDDM) product enables customers to populate and maintain an accurate, service-aware CMDBs using an automated approach to discovery and dependency mapping of all the assets (Configuration Items CIs) in the enterprise.
FireScope’s SDDM is a powerful platform built with the idea that a solution should be simple to deploy, intuitive, provide a quick ROI and be a platform for multiple IT and business use cases.
Flexible, Scalable Architecture
- Built on a 3-tier elastic stack employing new Clustered Edge technology to scale to support the largest and most complex environments.
- Flexible deployment options with hybrid SaaS (default) hosted in Amazon Web Services (AWS) Cloud or for easy OnPrem deployments using turnkey, pre-installed VM’s (no software to install).
- Flexible deployment architectures, as well as flexible licensing models, allows for tailored solutions at the greatest value.
SDDM passively listens to and collects network traffic to understand relationships and dependencies between physical and virtual devices; enabling IT to support the business via:
- Building dependency maps of all devices, applications, IT and business services
- Federating CMDBs via our REST API and keeping the baseline accurate for ITSM platforms, while accelerating deployment activities and ROIs
- Have a RISK based approach to Change Management identifying up and downstream dependencies of configuration items (CI’s).
- Leveraging SDDM Always-On Technology to identify unauthorized changes and new CI’s risks.
- Pre-built, jointly developed integration with Cherwell and ServiceNow available today. Integration with Matrix42 and Ivanti in progress.
FireScope SDDM Business Value
- Audit/Regulatory: SOX, NY-DFS, and HIPAA all require up to date views of critical and unauthorized devices and their relationships.
- Service Portfolio: Analyze the ongoing value of IT to the business identifying mission-critical business relationships.
- Business Continuity Management: Data is key when planning business continuity and the IT to business service relationships are at the top of that list.
- Time-to-Value: Typical deployments are completed in 5 days or less providing immediate value and ROI “right out of the box.”
FireScope SDDM for IT Value
- ITIL® Change Management: SDDM identifies the impacts of changes on dependent CIs, changes that are unauthorized and status needed for change transition
- ITIL® Configuration Management: Once discovered you now have your baseline and related CIs to integrate into your CMS/CMDB
- ITIL® Service Level Management: Using the SDDM maps you can now logically visualize IT dependences to decide SLOs/OLAs
- ITIL® Service Catalogue: Same data from the above can show you all the current state relationships needed to build a service portfolio
- ITIL® Availability Management: Data can be used to identify single points of failure on a business service.
- NIST: Supports Configuration Management controls.
- SecOPs: SDDM maps can be used by Security teams to validate firewall rules are working correctly, trouble-shooting suspicious activities, investigating rogue devices and application micro-segmentation projects.
- Application Support: Gain an end-to-end understanding of applications and business services – even those that are hybrid cloud or span multiple data centers.
FireScope SDDM listens to the URLs being requested by users to discover service endpoints. It can also listen for specific protocols or port traffic, such as LDAP or Oracle applications, to discover infrastructure service endpoints.
From either starting point, the solution analyzes aggregate network traffic between virtual and physical servers to follow transactions through their downstream dependencies. Additional virtualization, storage and network discovery scans complete the picture by mapping the virtual and physical dependencies.
No. A widely raised security concern for many discovery tools is the requirement that RPC ports must be opened and remote administrative privileges granted. With FireScope’s approach, this is not necessary.
FireScope continually analyzes aggregate network traffic; which servers are communicating with other servers over specific ports or protocols. Once a service baseline has been created, all traffic is compared with this baseline to identify new connections as they happen or when connectivity between two assets has stopped for extended periods of time. As this is running continuously, there’s no need to worry about what might me missed with schedule-based discovery.
FireScope SDDM includes a host of options to discover service dependencies. If access to network devices is unavailable, the solution can utilize optional sensors running on vms or servers.
Discovery can still be performed by using port mirroring or NetFlow/sFlow from network devices. Additionally, the network discovery can identify OS, DNS name, running net- work applications (e.g. Apache, MySQL, Oracle) without the use of an agent. Agents do provide much deeper system configuration details, but are not required or could be rolled out at a later date.
In short, nothing. For many competing solutions, you have to tell the solution where to start with each service (e.g. provide a url or server) and know a significant amount about the application’s architecture.
FireScope SDDM can detect which urls are being requested by users, providing you a list of what we have automatically identified as potential services. Once you select the services you care about discovering, the solution does the rest.
Application dependency discovery is limited to applications and the servers they run on, with little to no visibility into other dependencies that are just as critical such as at the network, storage and virtualization layers.
FireScope SDDM supports the complete picture, telling you which applications on which vms are depending on another, which physical hosts and data stores those vms are running on, and which routers and switches they are plugged into. This is absolutely critical for effective change impact analysis, as a failed switch can have a larger impact on the business than a failed server.
Absolutely! At the network level, application architecture becomes moot. Web servers talk to application servers, application servers talk to database servers, regardless of whether they are written in Java, .Net or any other language.
Because FireScope is looking at how different systems are communicating with each other, this allows it to discover any service topology, regardless of platform, architecture or whether they are commercial or custom.
Absolutely. Just a few of the more common scenarios are described below:
- Spreadsheets – We often run into customers with considerable data in spreadsheets, which can be imported and mapped to attribute data.
- SCOM, Solarwinds, asset management or monitoring tools – Leveraging FireScope SDDM’s Enterprise Service Bus and other methods, the solution can directly query these solutions for asset data. This data can then be verified and gaps filled in using FireScope SDDM’s native discovery capabilities.