There is an old saying that you can’t manage something unless you can measure it. IT asset discovery can provide you with accurate and up-to-date data and information about everything you use in IT.
You can then develop metrics using the data from the IT asset discovery tool, which can give you a lot of useful information about the assets that you own, who is using those assets, and how they are being used.
IT asset discovery has the capability to provide visibility of all IT equipment located within an organization’s IT estate using limited or no human interaction. Asset discovery enables the automatic capture of physical, virtual, and cloud infrastructure – including any changes. This ensures data integrity.
Most organizations start to discover information about their assets by manually maintaining a list of devices and components. )This asset discovery data is stored in a shared document such as an Excel spreadsheet and only updated whenever a new asset is added, deleted, or changed.
A manual process without an IT asset discovery software may be manageable when the size of an organization’s IT estate is relatively small and straightforward. However, this method becomes increasingly challenging as the organization expands and its use of IT grows.
Manual capture and updating of data and information without automated asset discovery is time-consuming and prone to error, resulting in asset information being incorrect, duplicated, or missing.
Having a full understanding of all assets with continual discovery is fundamental to effective and efficient management of IT. This is critical to operational processes but also to IT security, as a lack of visibility or knowledge of assets connecting to the organization’s network can create potential security vulnerabilities.
Hence using good practice asset discovery is essential to just about every organization.
What types of IT assets can you discover?
IT asset discovery can automatically capture information on just about every type of physical, virtual, and cloud item used in the delivery of IT. The data captured by asset discovery tools can be at a high level, for example, discovering a PC asset but also at increasing levels of detail within that high-level asset, for example, network cards, firmware, and configuration information.
Asset discovery is particularly useful at discovering information about assets where physical inspection is difficult, either because the asset is in a remote location, or because it is physically contained within another asset.
Here are some examples of these types of asset, where asset discovery is invaluable to any organization:
Networks are critical to every organization, linking users to the assets used to operate IT and to each other. Yet many organizations have found it challenging to discover details about all the network-related assets involved.
This easily leads to service issues when there are failures in network assets, and a high level of risk to the organization, especially security risks, as nobody can discover how the assets work together.
Corporate networks are now highly complex, especially since the networks used to connect the IT environments have expanded in size to include cloud, virtual, personal, and mobile devices.
Trying to discover what assets make up such a dynamic and complex network infrastructure is challenging, especially as it is now commonplace for devices to routinely connect, disconnect, then reconnect to network assets.
IT asset discovery tools can help automatically scan both the network components and the traffic between them, identifying possible assets. Once they are discovered, the tools will capture and record more granular information of each asset, including possible connections with other assets, configuration information, software and firmware versions, and usage.
Further discovery for these network assets might discover connected network storage devices and assets that connect remotely.
Asset discovery can capture data about all of your servers. Unless your organization has had exceptional configuration management processes and procedures in place from day one, it is highly likely that you will not have accurate information about these critical assets.
Unless you use asset discovery, there is a high risk of service disruption. When the inevitable disruption does happen, it can take a long time to discover the information you need about these assets to help fix the issues.
Asset discovery can be at a high level when you discover just how many server assets you have and what type they are. Asset discovery can also go deeper, finding out critical information for both hardware and software assets associated with these servers.
The types of information about these assets which can be discovered include operating system versions, firmware versions for components inside the servers, network cards, and their configuration, and communication ports.
(See, “Success is in the details”)
PCs, laptops, and mobile devices
With the prevalence today of using mobile devices to access corporate systems and services, it can be challenging to discover information required to support these assets.
New apps can be easily downloaded, with automatic updates. Asset discovery tools can continually capture the necessary data and information, which is impossible to do manually.
Asset discovery and storage
In today’s connected IT landscape, storage is more than just a few disk drives. Storage systems can be complex, requiring specialized asset discovery processes to capture data and information about them.
As well as discovering information about the physical storage assets, such as disks, controllers, and cooling systems, asset discovery can also capture useful information about performance and logs that can forecast future availability issues.
Asset discovery and security
Today’s IT landscape is nothing like the old days. In response to the challenges of doing business in the digital age, assets now change frequently, new ones are added, deployed, then retired at a rapid rate.
As a result, without a robust approach to asset discovery, the pressure to constantly adapt to new technology produces new security risks. The widespread use of remote assets such as servers and storage means that security teams are now rarely in control of all assets used to deliver IT.
This makes the task of discovering the necessary information about the assets difficult. With IT networks spread across cloud, virtual, mobile, and on-premise environments, blind spots are likely to arise. When they do, attackers could exploit oversights to conceal malicious activity.
Asset discovery is one way to help security staff provide a defense against these attacks by gaining visibility over the full network. Security best practices suggest organizations develop an inventory of all authorized devices to help provide controlled access to this type of asset.
The scope of assets to be discovered for this are all hardware devices. Discovering the necessary information about these assets can empower the security staff to deny access to unauthorized and unmanaged products that could be used to attack the organization and its business-critical assets.
Organizations can go even further with asset discovery to support security. They can acquire even more visibility over their organization’s network by looking for specific capabilities in their asset discovery tool.
For example, asset discovery techniques such as dynamic host tracking can be used to manage mobile devices as they connect, disconnect, and reconnect to different networks. The asset discovery tools can also use hierarchical asset organization to classify assets in a structure built on business context.
(See, “ITSM + SecOps Convergence (Part 1)”)
Asset discovery and ITSM configuration management
Creating and maintaining an accurate configuration management system (CMS), including a configuration management database (CMDB) is essential to the operation of any IT service management (ITSM) capability.
Trying to capture and maintain the necessary information without using IT asset discovery tools and techniques will be time-consuming, costly, and prone to errors.
Asset discovery can be successfully used for the initial population of a CMDB, but there is a risk that a lot of the information discovered about the assets is not required for ITSM, as it’s at a low level and of high volume to be understood.
Interfaces should be built between asset discovery tools and ITSM tools, with rules defined that only transfer into the ITSM tool the information discovered about the assets that are necessary for the operation of that tool. The other information can stay in the asset discovery tool, where it will still be available to ITSM if they need it for investigations.
One of the important activities within ITSM configuration management is the verification of the data held in the CMDB. Asset discovery tools can help with this verification by automatically capturing the current asset information and comparing it with the previous information held about the asset.
Sometimes the asset discovery tool will automatically update the information in the CMDB, but this may mask issues. For example, if IT carries out an unauthorized change to the version of software operating on a particular asset so that it is now different to similar assets, it may be more beneficial for the asset discovery tool to alert ITSM that there is an inconsistency between similar assets so that the configuration manager can investigate.
If the asset discovery tool automatically updated the version in the CMDB, the unauthorized change may not be highlighted.
Asset discovery is fundamental for managing all types of IT assets, including hardware, software, and networks. Without discovering and understanding what equipment is on an organization’s network, and how it is configured, little value will ever be realized from asset management. If asset discovery and configuration management are implemented successfully, the resulting CMS will be a mine of highly valuable data and information, providing much-needed support to all ITSM and IT disciplines.
Virima features can automatically discover and map your critical IT resources and the interconnections that link them to one another, your applications and services, and your users.
Virima is here to help. To get started, contact us today to schedule a demo and explore the possibilities!