q42015 solarwinds federal se webinar - best practices for it asset discovery: improving visibility...

FEDERAL SE WEBINARBEST PRACTICES FOR IT ASSET DISCOVERY: IMPROVING VISIBILITY FOR IT OPERATIONS AND INFORMATION SECURITY

ED BENDER, FEDERAL SALES ENGINEERING MANAGERED.BENDER@SOLARWINDS.COM 703-386-2625DAVE LARSON, FEDERAL SALES ENGINEERDAVID.LARSON@SOLARWINDS.COM 512-498-6783

2

• Introduction• Asset Discovery using:

• Network Performance Monitor (NPM)• Network Configuration Manager (NCM)• Server & Application Monitor (SAM)• User Device Tracker (UDT)• Storage Resource Monitor (SRM)• Additional Polling Engines for distributed discovery in remote offices

• Inventory management, and reporting with Web Help Desk®

• Dual Use- How security professionals can get valuable insight into IT assets that are on your network by logging into your Orion® server

TODAY’S AGENDA

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

3

• We have noticed an increase in “Asset Discovery” and “Network Mapping” requests• US CyberCommand and other InfoSec groups have been looking for asset discovery tools

• “You can’t secure a network if you don’t know it exists”• We are seeing more InfoSec professionals using SolarWinds products due to their strong

automated asset and configuration management capabilities• This includes some interesting new alliances between Ops and InfoSec

• FISMA compliance requires organizations to develop and document an inventory of information system components and review and update inventories

• DHS’ Continuous Diagnostics and Mitigation (CDM) program lists Hardware Asset Management and Software Asset Management as some of the first steps of the process

• Many SolarWinds® products have strong asset discovery and/or asset management features• We want to help you better understand the asset discovery and management capabilities you

already have• And help you provide more value to your agency by easily sharing your automated asset data

INTRODUCTION

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

4

Asset Discovery

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

5

• NPM has a powerful discovery feature called network sonar• Can be run ad-hoc and/or on a scheduled basis• Discovers using SNMPv1, v2c, v3, and WMI

• NPM discovers IT asset data, including:• Network devices - manufacturer, model/serial number, firmware/operating system

version• Network devices and computers - MAC and IP addresses• Hardware health of network devices - temperature, fan speed, power supplies

• NPM also discovers network topology information• Topology data (Layer 2 and Layer 3) is collected from network devices• Our Network Atlas utility can automatically create maps from topology data• Dependencies can automatically be created from topology data

ASSET DISCOVERYUSING NETWORK PERFORMANCE MONITOR

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

6

ASSET DISCOVERYUSING NETWORK PERFORMANCE MONITOR

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

7

• NCM automatically backs up configurations of switches, routers and firewalls• Backups are done with SSH®, SNMP or TELNET• Configurations can automatically be compared to DISA STIG or NIST FISMA

configuration requirements• Cisco® IOS® versions are checked for open CVEs and supports vulnerability tracking

• NCM inventory feature collects serial numbers of components inside network devices

• Chassis IDs / serial numbers• Card serial numbers inside the chassis• Tracks End of Support dates

• New NCM Connector provides asset data to Cisco SmartAdvisor™ to support network heath assessment reports

ASSET DISCOVERYUSING NETWORK CONFIGURATION MANAGER

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

8

ASSET DISCOVERYUSING NETWORK CONFIGURATION MANAGER

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

9

ASSET DISCOVERYUSING NETWORK CONFIGURATION MANAGER

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

10

• SAM can discover servers, workstations, virtual hosts and applications• Can run ad-hoc and/or on a scheduled basis• Discovers using WMI, SSH, SNMPv1, v2c, v3, VMware® API

• SAM discovers IT asset data, including:• Physical servers

• Manufacturer, model/serial number, firmware/operating system version• Chassis, disk drives, video cards, memory modules, CPUs• Hardware Health of computer hardware - temperature, fan speed, power supplies

• For both physical servers and virtual hosts• Applications installed on computers

• Linux® via RPM packages• Windows® via contents of Add/Remove Programs

ASSET DISCOVERYUSING SERVER & APPLICATION MONITOR

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

11

ASSET DISCOVERYUSING SERVER & APPLICATION MONITOR

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

12

• UDT monitors connected devices • Can run ad-hoc and/or on a scheduled basis• Discovers using SNMP v1, v2c, and v3

• UDT also discovers and stores MAC addresses that are connected to your switches or wireless access points

ASSET DISCOVERYUSING USER DEVICE TRACKER

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

13

• Use SRM for real-time, agentless NAS and SAN performance monitoring, as well as monitoring data on volumes, RAID groups, storage pools, LUNs and disks

• SRM uses a wizard driven process to discover and monitor your storage arrays and providers • SRM also discovers disk drive serial numbers inside SAN and NAS devices

ASSET DISCOVERYUSING STORAGE RESOURCE MONITOR

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

14

• Additional Polling Engines allow discovery (and monitoring) to take place from a Windows server installed in a remote location

• The additional poller can discover IT assets local to the poller• Only a few ports need to be opened for the Additional Polling Engine to communicate

back to the main Orion server• Additional Polling Engines also allow scaling to higher numbers of monitored

devices• Supports both automated (scheduled) and ad/hoc discovery of IT assets

DISTRIBUTED DISCOVERY IN REMOTE OFFICES USING ADDITIONAL POLLING ENGINES

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

15

DISCOVER, MONITOR AND MANAGE MORE IT DEVICESThis configuration with multiple Additional Polling Engines can Scale to:• 100,000 Network Elements• 150,000

Server/Application Elements

REMOTE DISCOVERY WITH ADDITIONAL POLLING ENGINE

SolarWinds Orion Server

MS SQL Server®

Additional Polling Engine

Up to 75 additional polling engines can be installed locally

and/or remotelyIT devices and apps

discovered by additional polling engine in a remote office

IT devices and apps discovered by main Orion server

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

16

Inventory Management and Reporting

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

17

• Web Help Desk (WHD) includes full-featured asset management functionality• WHD integrates with the Orion database to synchronize IT assets from the Orion

database to the WHD database• WHD asset management feature includes ability to link purchase orders, trouble

tickets and users to assets• WHD can:

• Automatically discover IT assets and track their statuses• Keep IT inventory up to date and schedule IT asset reporting• Optimize IT inventory planning and procurement forecasts• Link IT assets to problem tickets to track the problem history of assets• Import legacy asset inventory into help desk asset repository

INVENTORY MANAGEMENTUSING WEB HELP DESK

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

18

INVENTORY MANAGEMENT AND REPORTINGUSING WEB HELP DESK

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

19

INVENTORY REPORTINGUSING WEB HELP DESK – ASSET REPORTS

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

20

INVENTORY LISTASSETS – LIST OR SEARCH ASSETS IN BROWSER

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

21

INVENTORY REPORTINGASSETS – WHD EXPORT TO EXCEL®

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

22

Dual Use

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

23

• NCM – automated daily DISA STIG and NIST FISMA compliance reports• Audit trail of when changes were made to network devices and firewalls

• UDT – track what is plugged into your network, and when and where• SAM, SRM – track serial numbers of hard drives• Asset reports, including assets in remote locations

• You can’t secure devices that you don’t know exist• Identify the more critical assets that contain sensitive data

• Help InfoSec understand that your SolarWinds tools can provide them valuable information about IT assets

DUAL USEHOW SECURITY PROFESSIONALS CAN GET VALUABLE INSIGHT INTO IT ASSETS THAT ARE ON YOUR NETWORK BY LOGGING ON TO YOUR ORION SERVER

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

24

Q&A

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

25

• Watch a short demo video: http://www.solarwinds.com/sedemo

• Download a free trial: http://www.solarwinds.com/downloads/

• Visit our Federal website: http://www.solarwinds.com/federal

• Call the SolarWinds Federal sales team:  877-946-3751

• Email federal sales: federalsales@solarwinds.com

• Email our Government Reseller DLT®: solarwinds@dlt.com

• Follow us on LinkedIn® : https://www.linkedin.com/company/solarwinds-government

MORE ON SOLARWINDS

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

The SOLARWINDS and SOLARWINDS & Design marks are the exclusive property of SolarWinds Worldwide, LLC, and its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or

pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks, registered or pending registration in the United States or in other countries. All other trademarks mentioned herein are used for identification purposes only and may be or are trademarks or

registered trademarks of their respective companies.

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.