Applications, Firewalls & Routers
Extending discovery to network devices and their relationships to your applications.
Presented by Wes Fitzpatrick – wfitzpatrick@cssdelivers.com
ADDM Current Discovery Capability – pros and cons 
• ADDM is very good at mapping:
  • Application to software dependencies
  • Software to software and host dependencies
  • Host to host and neighbouring switch dependencies
  • Technical and operational dependencies
• Not so good for:
  • Switch and router neighbours
  • Firewall neighbours
  • Load balancer neighbours
  • Logical or functional application dependencies
Application Architecture as seen by ADDM
Application Architecture as seen by the Organisation 
https://rmohan.com/?p=436
Business Cases 
• Multinational retailer
  • 1500 OSIs comprised of Windows, Unix, AS400s, Exadata and Netezza.
  • Application stack included F5 load balancers and AS400 messaging subsystems.
• Tier 1 Investment bank
  • 10,000 OSIs
  • Decentralised ADDM deployments to Americas, EMEA, APAC datacentres.
  • BAM not used – single focus on remote firewalled connections.
Getting Load Balancers into the Model 
• SNMP Only
  • Creates a NetworkDevice node
  • No direct relationship to SIs or BAIs.
• Solution
  • Trigger on a web server SI type
    • Create a link through DiscoveryAccess and update an attribute on the SI
  • Trigger on NetworkDevice
    • Create an SI for “F5 Load Balancer”
    • Reverse lookup DiscoveredNetworkConnection for port to process mapping
    • All communicating software!
Getting Firewalls into the Model 
• Can be discovered (unsupported device) 
• Custom TPL needed 
• SNMP? 
• No direct way to link to a Host or Router
Getting Firewalls into the Model 
http://www.xpresslearn.com/networking/design/network-design-series-ii/# 
• Bank Environment
Getting Firewalls into the Model 
• Bank Environment
  • No TPL required (no application models)
  • No 3rd party software available
  • Scanning additional domains/zones not permitted
  • NMAP not permitted
  • SNMP login to firewalls/routers not permitted
  • Traceroute? Maybe….
"Hop-count-trans" by Stagira - http://commons.wikimedia.org/wiki/File:Hop-count-trans.png#mediaviewer/File:Hop-count-trans.png
Getting Firewalls into the Model cont… 
• Solution
  • Obtained a pre-defined list of “hand-off” routers
  • Started with pool of 100 dev hosts
  • TPL out of the question
  • Expanded to 1000 prod hosts
  • 200,000 remote IP addresses in ADDM (40,000 unique records)
  • Filtered to 7500 unique remote IPs, 230 outside of firewall
  • Output 4 csv files:
    • Hosts with hand-off router connections
    • Hosts with no remote connections
    • Traceroute timings
    • Connection details
  • Average 3 seconds per traceroute, 90 minutes to run.
Summary 
• Multinational retailer
  • In the process of mapping their additional applications.
  • Application models now considered core to move.
• Tier 1 Investment bank
  • 1st Stage proof of concept success.
  • Considering expanding script to other datacenters for holistic view.
Summary 
• Application Models can be extended to include
  • Routers
  • Load Balancers
  • Firewalls
• ADDM is a ‘must-have’ tool for datacentre migrations 
• Provides visibility of ‘what’ is connected ‘where’ 
• Important to understand how the application model differs from HLD
Questions? 
https://communities.bmc.com/ideas/7623 
http://www.slideshare.net/WesFitzpatrick/bmc-addm-cheat-sheet-css-delivers-37644290

Extending ADDM Discovery to Firewalls, Applications and Routers

Editor's Notes

  1. Intro… Name, CSS, Title Examples
  2. Typical application model is built from the bottom up via dependencies.
  3. However many organisations have more of a top down view of logical or functional dependencies that include firewalls, switches, routers and load balancers. An application server may be considered as having a logical dependency on a database server, the webservers have a logical dependency on the load balancers – though operationally or technically they work independent of each other. Many organisations we are encountering have a desire to see things in the model which ADDM does not currently provide OOTB. These additional components are critical to an organisation that wants to see where that application sits as a dependency within their datacentre – especially when considering datacentre migrations.
  4. Since April this year, CSS have already assisted 2 customers in preparation for Datacentre migrations.
  5. ADDM discovers the load balancers by SNMP only. The taxonomy restricts relationships from a NetworkDevice to DiscoveryAccess, Subnets, IPAddress and NetworkInterfaces. We had limited time to model the application stack and include Load Balancer communicating relationships. 1st approach was to pick some common web server SIs and trigger and then lookup through DiscoveredNetworkConnection to find the load balancer and add as an attribute. 2nd approach – by creating a “Load Balancer” SI, we were able to reverse lookup DiscoveredNetworkConnection and map ALL communicating software instances – no longer dependent on defining web servers. These appeared in the visualisation under Inferred Software Communication.
  6. ADDM can discover firewalls – however you need to access them from a DiscoveryAccess node – they do not create inferred nodes. There is software that can achieve this. There may also be scripted ways to link a host to a router or firewall, but these were not available.
  7. Initial requirements gathering…
  8. We were allowed to run traceroute and had CLI access. After speaking to their networks guy we got a list of hand-off routers – routers which neighbour one of the firewalls – the bank could use these routers to determine where the Hosts were connecting. TPL was ruled out of the question – we looked at the option of running it but as well as adding significant scan time, each host may have up to 100 remote connections, and may also share connections. You would be running traceroutes multiple times against the same targets. After increasing the test pool size the script was taking a very long time to execute, so we worked on putting in logic that ensured traceroute only ran once and all hosts were updated. We added timings so that anyone running the script could prepare for the best time to run and they could also compare traceroute time by subnet.