Security in BMC Discovery

BMC Discovery is an appliance-based tool which automates discovery of business applications, maps them onto the underlying physical and virtual IT infrastructure, and determines the critical dependencies between them. BMC Discovery's model-driven, data center indexing techniques cut across previously disparate silos of configuration information, automatically populating and maintaining a data store of the discovered state of Configuration Items (CI) and dependency information.

BMC Discovery automates many system administrator and application management team tasks and also stores customer-sensitive data. At its core, BMC Discovery ensures the confidentiality and integrity of the discovery processes as well as the indexed data itself.

This document is intended to provide network administrators with the information required to get BMC Discovery working in their environment. It also provides the information required to enable security teams to verify that BMC Discovery is secure and does not compromise the security of their network.

Automated discovery in secure environments

BMC Discovery offers a powerful solution to index the infrastructure and map the business services of the large and complex environments typical of Fortune 1000 enterprises.

Several techniques could be used to gather data, such as port scanning, protocol probing, agent-based monitoring and remote login. However, credentials are required to achieve the accurate, trusted, and detailed configuration data discovery that enterprises require to manage IT.

Why? Simply put, because this is what information security is about: protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. Enterprises spend millions to secure their systems and ensure their access is protected by using credentials to authenticate users. Providing this type of permission ensures that BMC Discovery does only what it is authorized to do.

However, there is a side effect to this need for granular visibility. IT operations are organized in functional groups, or silos. Applications span silos, so there is rarely one team in charge of all credentials. In fact, too frequently they are not sure whether they can find all the credentials. IT administrators expect that automated discovery tools will solve problems caused by the lack of knowledge about where their systems or applications are (including their credentials). Additionally, in large and complex environments some parts of the networks are segregated for confidentiality, business or even historical reasons such as acquisitions, creating even more silos.

BMC Discovery offers a unique approach to these challenges and concerns by providing:

  • A robust and secure delivery platform
  • Clear deployment requirements
Was this page helpful? Yes No Submitting... Thank you

Comments