Security in BMC Atrium Discovery
BMC Atrium Discovery is an appliance-based tool which automates discovery of business applications, maps them onto the underlying physical and virtual IT infrastructure, and determines the critical dependencies between them. BMC Atrium Discovery's model-driven, data center indexing techniques cut across previously disparate silos of configuration information, automatically populating and maintaining a data store of the discovered state of Configuration Items (CI) and dependency information.
BMC Atrium Discovery automates many system administrator and application management team tasks and also stores customer-sensitive data. At its core, BMC Atrium Discovery ensures the confidentiality and integrity of the discovery processes as well as the indexed data itself.
This document is intended to provide network administrators with the information required to get BMC Atrium Discovery working in their environment. It also provides the information required to enable security teams to verify that BMC Atrium Discovery is secure and does not compromise the security of their network.
Automated discovery in secure environments
BMC Atrium Discovery offers a powerful solution to index the infrastructure and map the business services of the large and complex environments typical of Fortune 1000 enterprises.
Several techniques could be used to gather data, such as port scanning, protocol probing, agent-based monitoring and remote login. However, credentials are required to achieve the accurate, trusted, and detailed configuration data discovery that enterprises require to manage IT.
Why? Simply put, because this is what information security is about: protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. Enterprises spend millions to secure their systems and ensure their access is protected by using credentials to authenticate users. Providing this type of permission ensures that BMC Atrium Discovery does only what it is authorized to do.
However, there is a side effect to this need for granular visibility. IT operations are organized in functional groups, or silos. Applications span silos, so there is rarely one team in charge of all credentials. In fact, too frequently they are not sure whether they can find all the credentials. IT administrators expect that automated discovery tools will solve problems caused by the lack of knowledge about where their systems or applications are (including their credentials). Additionally, in large and complex environments some parts of the networks are segregated for confidentiality, business or even historical reasons such as acquisitions, creating even more silos.
BMC Atrium Discovery offers a unique approach to these challenges and concerns by providing:
- A robust and secure delivery platform
- Clear deployment requirements