This documentation supports the 20.08 (12.1) version of BMC Discovery.

To view an earlier version of the product, select the version from the Product version menu.

Best practices with credentials

This topic describes some useful best practices that you should consider when planning or configuring credentials. 

General

All credentials have labels, or names. Use meaningful names, this could be a naming scheme or convention for your organization.

Limit credentials to sensible access methods. For example, it is possible to configure a credential valid for SNMP and SSH, or some other login method, though it might result in many avoidable unsuccessful login attempts. 

AWS credentials

Amazon Web Services (AWS) supports multiple roles for a single credential. Scans can use only one credential. If you configure role switching for a credential, that one credential can use roles to discover diverse targets, in a single scan. Without roles, you would need to set up multiple credentials, and use multiple scans to achieve the same coverage.

Cloud scanning

Cloud scans place a considerable load on the BMC Discoveryappliance or BMC Discovery Outposts. When you configure cloud scans, you specify an appliance or BMC Discovery Outpost. When choosing the appliance BMC Discovery Outpost, consider the way that the workload is shared between them.



Managing credentials with multiple BMC Discovery Outposts

When you have a system with multiple BMC Discovery Outposts, we recommend that you designate one of them as a "master" in terms of credentials. All credential setup and configuration should be done on that BMC Discovery Outpost, and then its vault be exported and imported into the other BMC Discovery Outposts.


Was this page helpful? Yes No Submitting... Thank you

Comments