More Related Content Similar to Q42015 SolarWinds Federal SE Webinar - Best Practices for IT Asset Discovery: Improving Visibility for IT Operations and Information Security (20) More from SolarWinds (20) Q42015 SolarWinds Federal SE Webinar - Best Practices for IT Asset Discovery: Improving Visibility for IT Operations and Information Security1. FEDERAL SE WEBINAR
BEST PRACTICES FOR IT ASSET DISCOVERY: IMPROVING
VISIBILITY FOR IT OPERATIONS AND INFORMATION SECURITY
ED BENDER, FEDERAL SALES ENGINEERING MANAGER
ED.BENDER@SOLARWINDS.COM
703-386-2625
DAVE LARSON, FEDERAL SALES ENGINEER
DAVID.LARSON@SOLARWINDS.COM
512-498-6783
2. • Introduction
• Asset Discovery using:
• Network Performance Monitor (NPM)
• Network Configuration Manager (NCM)
• Server & Application Monitor (SAM)
• User Device Tracker (UDT)
• Storage Resource Monitor (SRM)
• Additional Polling Engines for distributed discovery in remote offices
• Inventory management, and reporting with Web Help Desk®
• Dual Use- How security professionals can get valuable insight into IT assets that are
on your network by logging into your Orion® server
2
TODAY’S AGENDA
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
3. • We have noticed an increase in “Asset Discovery” and “Network Mapping” requests
• US CyberCommand and other InfoSec groups have been looking for asset discovery tools
• “You can’t secure a network if you don’t know it exists”
• We are seeing more InfoSec professionals using SolarWinds products due to their strong
automated asset and configuration management capabilities
• This includes some interesting new alliances between Ops and InfoSec
• FISMA compliance requires organizations to develop and document an inventory of
information system components and review and update inventories
• DHS’ Continuous Diagnostics and Mitigation (CDM) program lists Hardware Asset
Management and Software Asset Management as some of the first steps of the process
• Many SolarWinds® products have strong asset discovery and/or asset management features
• We want to help you better understand the asset discovery and management capabilities
you already have
• And help you provide more value to your agency by easily sharing your automated asset data
3
INTRODUCTION
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
5. • NPM has a powerful discovery feature called network sonar
• Can be run ad-hoc and/or on a scheduled basis
• Discovers using SNMPv1, v2c, v3, and WMI
• NPM discovers IT asset data, including:
• Network devices - manufacturer, model/serial number, firmware/operating system version
• Network devices and computers - MAC and IP addresses
• Hardware health of network devices - temperature, fan speed, power supplies
• NPM also discovers network topology information
• Topology data (Layer 2 and Layer 3) is collected from network devices
• Our Network Atlas utility can automatically create maps from topology data
• Dependencies can automatically be created from topology data
5
ASSET DISCOVERY
USING NETWORK PERFORMANCE MONITOR
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
7. • NCM automatically backs up configurations of switches, routers and firewalls
• Backups are done with SSH®, SNMP or TELNET
• Configurations can automatically be compared to DISA STIG or NIST FISMA
configuration requirements
• Cisco® IOS® versions are checked for open CVEs and supports vulnerability tracking
• NCM inventory feature collects serial numbers of components inside network
devices
• Chassis IDs / serial numbers
• Card serial numbers inside the chassis
• Tracks End of Support dates
• New NCM Connector provides asset data to Cisco SmartAdvisor™ to support network
heath assessment reports
7
ASSET DISCOVERY
USING NETWORK CONFIGURATION MANAGER
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
10. • SAM can discover servers, workstations, virtual hosts and applications
• Can run ad-hoc and/or on a scheduled basis
• Discovers using WMI, SSH, SNMPv1, v2c, v3, VMware® API
• SAM discovers IT asset data, including:
• Physical servers
• Manufacturer, model/serial number, firmware/operating system version
• Chassis, disk drives, video cards, memory modules, CPUs
• Hardware Health of computer hardware - temperature, fan speed, power supplies
• For both physical servers and virtual hosts
• Applications installed on computers
• Linux® via RPM packages
• Windows® via contents of Add/Remove Programs
10
ASSET DISCOVERY
USING SERVER & APPLICATION MONITOR
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
12. • UDT monitors connected devices
• Can run ad-hoc and/or on a scheduled basis
• Discovers using SNMP v1, v2c, and v3
• UDT also discovers and stores MAC addresses that are connected to your switches or
wireless access points
12
ASSET DISCOVERY
USING USER DEVICE TRACKER
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
13. • Use SRM for real-time, agentless NAS and SAN performance monitoring, as well as monitoring
data on volumes, RAID groups, storage pools, LUNs and disks
• SRM uses a wizard driven process to discover and monitor your storage arrays and providers
• SRM also discovers disk drive serial numbers inside SAN and NAS devices
13
ASSET DISCOVERY
USING STORAGE RESOURCE MONITOR
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
14. • Additional Polling Engines allow discovery (and monitoring) to take place from a
Windows server installed in a remote location
• The additional poller can discover IT assets local to the poller
• Only a few ports need to be opened for the Additional Polling Engine to communicate
back to the main Orion server
• Additional Polling Engines also allow scaling to higher numbers of monitored
devices
• Supports both automated (scheduled) and ad/hoc discovery of IT assets
14
DISTRIBUTED DISCOVERY IN REMOTE OFFICES
USING ADDITIONAL POLLING ENGINES
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
15. 15
DISCOVER, MONITOR
AND MANAGE MORE
IT DEVICES
This configuration with
multiple Additional Polling
Engines can Scale to:
• 100,000 Network Elements
• 150,000 Server/Application
Elements
REMOTE DISCOVERY WITH ADDITIONAL POLLING ENGINE
SolarWinds
Orion Server
MS SQL Server®
Additional
Polling
Engine
Up to 75 additional polling
engines can be installed locally
and/or remotely
IT devices and apps
discovered by additional polling
engine in a remote office
IT devices and apps
discovered by main Orion server
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
17. • Web Help Desk (WHD) includes full-featured asset management functionality
• WHD integrates with the Orion database to synchronize IT assets from the Orion
database to the WHD database
• WHD asset management feature includes ability to link purchase orders, trouble
tickets and users to assets
• WHD can:
• Automatically discover IT assets and track their statuses
• Keep IT inventory up to date and schedule IT asset reporting
• Optimize IT inventory planning and procurement forecasts
• Link IT assets to problem tickets to track the problem history of assets
• Import legacy asset inventory into help desk asset repository
17
INVENTORY MANAGEMENT
USING WEB HELP DESK
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
23. • NCM – automated daily DISA STIG and NIST FISMA compliance reports
• Audit trail of when changes were made to network devices and firewalls
• UDT – track what is plugged into your network, and when and where
• SAM, SRM – track serial numbers of hard drives
• Asset reports, including assets in remote locations
• You can’t secure devices that you don’t know exist
• Identify the more critical assets that contain sensitive data
• Help InfoSec understand that your SolarWinds tools can provide them valuable
information about IT assets
23
DUAL USE
HOW SECURITY PROFESSIONALS CAN GET VALUABLE
INSIGHT INTO IT ASSETS THAT ARE ON YOUR NETWORK
BY LOGGING ON TO YOUR ORION SERVER
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
25. • Watch a short demo video: http://www.solarwinds.com/sedemo
• Download a free trial: http://www.solarwinds.com/downloads/
• Visit our Federal website: http://www.solarwinds.com/federal
• Call the SolarWinds Federal sales team: 877-946-3751
• Email federal sales: federalsales@solarwinds.com
• Email our Government Reseller DLT®: solarwinds@dlt.com
• Follow us on LinkedIn® : https://www.linkedin.com/company/solarwinds-government
25
MORE ON SOLARWINDS
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
26. The SOLARWINDS and SOLARWINDS & Design marks are the exclusive property of SolarWinds Worldwide,
LLC, and its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or
pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be
common law marks, registered or pending registration in the United States or in other countries. All other
trademarks mentioned herein are used for identification purposes only and may be or are trademarks or
registered trademarks of their respective companies.
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.