Change Automation
This topic describes benefits and stages in the Change Automation use case.
Benefits of Change Automation
When operational changes are implemented, administrators need to document and track these changes in a change management system. To automate this change tracking process, a Request For Change (RFC) is automatically created in the change management system, whenever an endpoint administrator initiates a Remediation operation in Vulnerability Management that requires approval. After the change is approved in Change Management, the corresponding job is scheduled for execution in the endpoint manager.
After the job has run, the change task is closed with an associated completion status and any changed configuration items (CIs). Administrators can view the status of the corresponding Remediation operation in the TrueSight Vulnerability Management GUI.
The main benefit of this integration is to enforce continuous compliance to the change process without introducing labor intensive activities. The integration reduces the risk of unauthorized and unplanned changes through enforced change tracking.
Supported endpoint managers
Starting with version 3.1, TrueSight Vulnerability Management supports Change Automation for the following endpoint managers:
- TrueSight Server Automation
- TrueSight Network Automation
- Microsoft System Center Configuration Manager (SCCM)
Before you use Change Automation
Before you use Change Automation, ensure that you have set up the following prerequisites:
Stages in Change Automation
Note
This section provides an overview of the stages in Change Automation. For the endpoint manager-specific use case scenarios, see the following topics:
The following diagram shows the different stages during execution of a Remediation operation that requires approval.
The following table describes the stages of this use case.
| Stage | Description | Change Ticket status in BMC Remedy ITSM | Operation's Approval Status in Vulnerability Management | Vulnerability Status in Vulnerability Management |
|---|---|---|---|---|
| 1 | When an administrator chooses to create a Remediation operation with configuration parameters, such as template and impact, and selects the Approval Required option, the logged in user belonging to the selected security group creates a job in the endpoint manager. | Not created yet | New | Awaiting attention |
| 2 | Endpoint manager returns Job ID to TrueSight Vulnerability Management after a job is created. | Not created yet | New | Awaiting attention |
| 3 | A RFC is sent to the change management system through the endpoint manager with the Job ID returned in step 2. Change management system creates a change record and returns a change ID and task ID. | Planning In Progress | New | Awaiting approval |
| 4 | TrueSight Vulnerability Management updates the job created at the endpoint manager with the source of the change ticket (in this case, Vulnerability Management), Change ID, and Task ID and applies the specified template to the change record based on the input received in the change creation request. | Planning In Progress | New | Awaiting approval |
| 5 | TrueSight Vulnerability Management checks the status of each change record. If the change record is approved, TrueSight Vulnerability Management performs the following tasks:
If approval is not received or not received by the specified scheduled time, TrueSight Vulnerability Management performs the following tasks:
| Implementation In Progress (when approved) Cancelled (when cancelled) | Approved (when approved) Cancelled (when approval not received by the specified scheduled time) | Awaiting execution (when approved) Awaiting attention (when approval not received by the specified scheduled time) |
| 6 | Job starts executing in the endpoint manager. | Implementation In Progress | Approved | Awaiting execution |
| 7 | Once job execution is over, the following actions take place:
| Completed | Completed | Closed |
Comments
Log in or register to comment.