Virima V6.0 will soon be available with an all-new look, enhanced discovery, mapping and vulnerability features and more. Stay tuned!

A CMDB Without Discovery Is Just a Database

CMDB Discovery

The importance of discovery comes from what it provides to the users of the Configuration Management Database (CMDB): trustworthy data and greater speed to value. Without discovery, the CMDB database is built by feeds and data entry, which can lead to errors that affect confidence in the data.

Beyond the technical value of discovery is the fact that when combined with service mapping, the CMDB’s time to value is greatly reduced, as it begins to provide enough data to support service management processes more quickly.


Trustworthy Data

IT Discovery provides means to ensure that the data in the CMDB database is accurate by identifying the devices on known networks and information pertaining to their configurations (technical attributes).

Using a key attribute, like the item’s serial number or license key, this information can be used to locate the asset in an IT asset management database and complete the non-financial information about the asset, beginning the process of turning that asset into a Configuration Item (CI).

Discovery can be performed by network monitoring tools, discovery applications, or both. Through the use of dashboards, duplicate records can be merged, deleted, or accepted, thereby, helping to reconcile any potential issues raised while committing discovery results to the CMDB. Machine learning can be used to accelerate this process, as rules are able to be built and automated to process the data.

Automated Discovery tools also work with business Service Mapping applications, which help document relationships between configuration items , generally up to the technical service or application level. At this point, human intervention only is used to enter logical CIs, like business services, and to map the applications and technical services to the business service they support.

The result is a highly reliable database that can be trusted and used to support Service Management practices with confidence.


CMDB: Attribute Validation

Discovery also includes attribute validation, i.e., ensuring that the data within a CI record is trustworthy. When organizations are engaged in asset management, a purchase will generate an asset record, which is tied to the Configuration Management Database during discovery.

That asset may have been ordered with a particular hardware configuration, but discovery actually validates that the configuration ordered has been delivered. There are several important aspects to this step:

  • Discovery validates that the item purchased was properly configured, enabling the organization to follow up with the vendor if the device is under-configured or incorrectly configured.
  • Having the right configuration information is critical to troubleshooting incidents—it’s not enough to rely on the sales/delivery information for the item as this can lead to incorrect assumptions and diagnoses.
  • Software and operating systems and their patch levels are more accurately documented to improve root cause analysis related for issues caused by particular versions.


Discovery of Unauthorized Devices and Applications

Once the accuracy of the CMDB database is validated and a program that keeps the CMDB updated is in place, the CMDB, combined with monitoring and discovery becomes a source for identifying devices or device changes that have been introduced without an accompanying change request. In this way, the change enablement practice can truly secure the enterprise.


A few examples:
  • An end-user in a remote location cannot plug in an unauthorized wireless device that exposes the network to intrusion.
  • External vendors cannot provide turn-key applications and hardware.
  • Cloud services cannot be accessed ongoingly without eventually being detected (particularly if service mapping tools are used, as traffic patterns could be used to identify the use of an external service).
  • Changes to a device’s configuration cannot be made without the activity being discovered, researched, and documented.

Change Enablement Evolution:

As the change enablement practice has evolved, it is looked at as a practice that enables changes to be made to a CI, whether hardware or software, ensuring those changes get properly approved and documented. Without the use of discovery tools, the change practice was used to update configuration information, so unauthorized changes contributed to the lack of trustworthy data. With discovery, unauthorized changes no longer provide the threat to the environment as they used to since discovery is able to identify them, and risk assessment can be performed, with appropriate action taken.


Proactive Operations

Like the use of discovery to validate CI attributes, in-depth knowledge of CIs can support proactive activities. There can be any number of different ways this can occur:

A repetitive issue with a particular hardware model and a good Configuration Management Database enables an organization to find the install base for that model and proactively replace the item before it fails. This is a great reason to eventually take the CMDB down to the workstation and local equipment level.

Intermittent issues related to OS patches or software version levels can be followed to incorrect patch or software versions, located and upgraded.

Security vulnerabilities and their potential impact on the environment can be evaluated using data in the CMDB to identify accompanying CIs that meet the criteria and then to prioritize the mitigation activities.

Repair history of a CI can be used to determine equipment that needs replacement or the CMDB management and asset management data can be used to plan more proactive end-of-life refreshes.

All of this comes back to data. If there’s a bad component in a hardware model, finding all instances of that model could become highly time-consuming or impossible without the data that discovery provides to the CMDB.


CMDB: Time to Value

Building a CMDB manually and mapping services is an extremely time consuming and inaccurate endeavor. Discovery may come with a price tag, but it’s payback comes in several forms:

Critical services that could take months to document manually can be discovered and mapped in only a few weeks, bringing almost immediate value to an organization as the benefits of the accurate CMDB can be reaped for the most critical services.

All infrastructure and software within each data center can be added far more quickly using automated discovery and equipment that people were not aware of will also be located, with its use and history tracked down after discovery. This leads to a far more accurate inventory from an IT Asset Management (ITAM) perspective but also ensures that IT can look at the unexpected equipment and software found and ensure that it is benefitting the organization rather than exposing it to risk.

The organization can expand the use of the CMDB to personal computing devices, which further supports IT’s ability to manage the environment. While data center operations are the most critical area to secure with a trustworthy CMDB, there is also tremendous value going beyond the data center:

Retail environments benefit from being able to more quickly and cost-effectively manage point of sale systems and other location-based equipment.

Manufacturing and logistics need similar ability to manage smaller warehouse equipment (clearly infrastructure would be managed, but computers used by personnel to support logistics might not).

End-user computers could be affected by known defects and/or intermittent issues that are difficult, if not impossible, to mitigate without a CMDB.

Thus, the use of discovery enables time to value at both the infrastructure/application level and at the personal computing device-level–both of which are critical in a highly technical environment. 

Before discovery, taking the CMDB to this level would be unheard of, but with discovery, these capabilities simply require additional maintenance. As discovery and machine learning continue to evolve, the human intervention to manage a fully-discovered enterprise will no longer be a barrier to inclusion.

Also read, Is 2020 the year of The Configuration Management Database (CMDB)

Virima features can automatically discover and map your critical IT resources and the interconnections that link them to one another, your applications and services, and your users.

Virima is here to help. To get started, contact us today to schedule a demo and explore the possibilities!

Subscribe to Our Newsletter

More to Explore

Table of contentsWhat is CMDB, and why is it important for your cloud initiatives?CMDBs and change managementCMDBs and incident managementCMDBs and problem managementCompliance reporting made easy with CMDBsImpact analysis with CMDBs and cloud assetsMake better, fact-based decisions with Virima for…

Table of contentsHow does asset discovery work?What types of IT assets can you discover?NetworksServersPCs, laptops, and mobile devicesBenefits of IT asset discoveryLess time spent on cataloging IT assetsBetter and detailed IT reportsStreamlined IT asset acquisitionEnsuring compliance with security policies A single…

Table of contentsWhy stakeholder communications are importantHow to prepare for incident communicationIncident management best practicesCommunication plan High-quality major incident management communication plan Using visualizations in stakeholder communicationsIncident mitigation with visualizations Virima can help you with incident management Incidents are a part of business,…

Table of contentsAsset managementTracking and labeling assets’ locations and states through an asset register Tracking and managing software licenses Managing end-user devicesKeeping tabs and handling decommissioned assetsConfiguration managementIdentifying configuration items in the CMS Controlling  and managing all changes made to assets Understanding impact on…

Some people think that an IT service desk is the same thing as an IT help desk. It isn’t and we’re  going to explain the difference between service desk and help desk. Sure, there are some similarities, but there are…

Table of contentsA CMDB tool can maintain all other tools What is CMDB in ServiceNow?What are ServiceNow CMDB best practices?A few ServiceNow CMDB best practices include:Defining your goalsForming a configuration management teamEstablishing a governance structureUnderstanding configuration item designIntegrating with key business…

Table of contentsStep 1. Determine business objectivesStep 2. CMDB discovery toolsStep 3. ITSM system integrationStep 4. Equip data owners/data stewards with the right toolsStep 5. Data management and retention planStep 6. CMDB: data visualizationLearn more about these steps by watching…

Incident management is crucial while dealing with major incidents. They are the crises that have widespread impacts on your employees, disrupt your operations, and impact your ability to deliver on customer expectations.  While you may assume your company is prepared…

Table of contentsUnderstanding business service mappingA modern approach to business service dependency mappingDiscovery planning processUse casesVirima simplifies service mapping and IT discovery Business service mapping is the area of configuration management that perplexes so many IT professionals. Yet, it provides…

Understanding the Configuration Management Database (CMDB) and its core functions is a critical aspect of service management. The CMDB forms the hub of numerous service management practices and provides a means of correlation needed to deliver business services successfully.   The…

The Configuration Management Database (CMDB) contains information about the enterprise's logical and physical assets. Modern service management platforms provide core functionality referenced by all service management practices, including business-facing rules. As a result of its core functionality, the role of…

A previous post discussed “The problems with your problem management” and some of the obstacles standing between your organization and true, proactive problem management. This post delves deeper into some of those obstacles and offers recommendations to help you address…

IT asset management (ITAM) and inventory management are both useful practices that can benefit any organization using IT. Inventory management can exist without IT asset management, and in fact, it does in many organizations as it has been in existence…