q42015 solarwinds federal se webinar - best practices for it asset discovery: improving visibility...

FEDERAL SE WEBINARBEST PRACTICES FOR IT ASSET DISCOVERY: IMPROVING VISIBILITY FOR IT OPERATIONS AND INFORMATION SECURITY

ED BENDER, FEDERAL SALES ENGINEERING [email protected] 703-386-2625DAVE LARSON, FEDERAL SALES [email protected] 512-498-6783

mailto:[email protected]


2

• Introduction• Asset Discovery using:

• Network Performance Monitor (NPM)• Network Configuration Manager (NCM)• Server & Application Monitor (SAM)• User Device Tracker (UDT)• Storage Resource Monitor (SRM)• Additional Polling Engines for distributed discovery in remote offices

• Inventory management, and reporting with Web Help Desk®

• Dual Use- How security professionals can get valuable insight into IT assets that are on your network by logging into your Orion® server

TODAY’S AGENDA

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

3

• We have noticed an increase in “Asset Discovery” and “Network Mapping” requests• US CyberCommand and other InfoSec groups have been looking for asset discovery tools

• “You can’t secure a network if you don’t know it exists”• We are seeing more InfoSec professionals using SolarWinds products due to their strong

automated asset and configuration management capabilities• This includes some interesting new alliances between Ops and InfoSec

• FISMA compliance requires organizations to develop and document an inventory of information system components and review and update inventories

• DHS’ Continuous Diagnostics and Mitigation (CDM) program lists Hardware Asset Management and Software Asset Management as some of the first steps of the process

• Many SolarWinds® products have strong asset discovery and/or asset management features• We want to help you better understand the asset discovery and management capabilities you

already have• And help you provide more value to your agency by easily sharing your automated asset data

INTRODUCTION


4

Asset Discovery


5

• NPM has a powerful discovery feature called network sonar• Can be run ad-hoc and/or on a scheduled basis• Discovers using SNMPv1, v2c, v3, and WMI

• NPM discovers IT asset data, including:• Network devices - manufacturer, model/serial number, firmware/operating system

version• Network devices and computers - MAC and IP addresses• Hardware health of network devices - temperature, fan speed, power supplies

• NPM also discovers network topology information• Topology data (Layer 2 and Layer 3) is collected from network devices• Our Network Atlas utility can automatically create maps from topology data• Dependencies can automatically be created from topology data

ASSET DISCOVERYUSING NETWORK PERFORMANCE MONITOR


6

ASSET DISCOVERYUSING NETWORK PERFORMANCE MONITOR


7

• NCM automatically backs up configurations of switches, routers and firewalls• Backups are done with SSH®, SNMP or TELNET• Configurations can automatically be compared to DISA STIG or NIST FISMA

configuration requirements• Cisco® IOS® versions are checked for open CVEs and supports vulnerability tracking

• NCM inventory feature collects serial numbers of components inside network devices

• Chassis IDs / serial numbers• Card serial numbers inside the chassis• Tracks End of Support dates

• New NCM Connector provides asset data to Cisco SmartAdvisor™ to support network heath assessment reports

ASSET DISCOVERYUSING NETWORK CONFIGURATION MANAGER


8



9



10

• SAM can discover servers, workstations, virtual hosts and applications• Can run ad-hoc and/or on a scheduled basis• Discovers using WMI, SSH, SNMPv1, v2c, v3, VMware® API

• SAM discovers IT asset data, including:• Physical servers

• Manufacturer, model/serial number, firmware/operating system version• Chassis, disk drives, video cards, memory modules, CPUs• Hardware Health of computer hardware - temperature, fan speed, power supplies

• For both physical servers and virtual hosts• Applications installed on computers

• Linux® via RPM packages• Windows® via contents of Add/Remove Programs

ASSET DISCOVERYUSING SERVER & APPLICATION MONITOR


11

ASSET DISCOVERYUSING SERVER & APPLICATION MONITOR


12

• UDT monitors connected devices • Can run ad-hoc and/or on a scheduled basis• Discovers using SNMP v1, v2c, and v3

• UDT also discovers and stores MAC addresses that are connected to your switches or wireless access points

ASSET DISCOVERYUSING USER DEVICE TRACKER


13

• Use SRM for real-time, agentless NAS and SAN performance monitoring, as well as monitoring data on volumes, RAID groups, storage pools, LUNs and disks

• SRM uses a wizard driven process to discover and monitor your storage arrays and providers • SRM also discovers disk drive serial numbers inside SAN and NAS devices

ASSET DISCOVERYUSING STORAGE RESOURCE MONITOR


14

• Additional Polling Engines allow discovery (and monitoring) to take place from a Windows server installed in a remote location

• The additional poller can discover IT assets local to the poller• Only a few ports need to be opened for the Additional Polling Engine to communicate

back to the main Orion server• Additional Polling Engines also allow scaling to higher numbers of monitored

devices• Supports both automated (scheduled) and ad/hoc discovery of IT assets

DISTRIBUTED DISCOVERY IN REMOTE OFFICES USING ADDITIONAL POLLING ENGINES


15

DISCOVER, MONITOR AND MANAGE MORE IT DEVICESThis configuration with multiple Additional Polling Engines can Scale to:• 100,000 Network Elements• 150,000

Server/Application Elements

REMOTE DISCOVERY WITH ADDITIONAL POLLING ENGINE

SolarWinds Orion Server

MS SQL Server®

Additional Polling Engine

Up to 75 additional polling engines can be installed locally

and/or remotelyIT devices and apps

discovered by additional polling engine in a remote office

IT devices and apps discovered by main Orion server


16

Inventory Management and Reporting


17

• Web Help Desk (WHD) includes full-featured asset management functionality• WHD integrates with the Orion database to synchronize IT assets from the Orion

database to the WHD database• WHD asset management feature includes ability to link purchase orders, trouble

tickets and users to assets• WHD can:

• Automatically discover IT assets and track their statuses• Keep IT inventory up to date and schedule IT asset reporting• Optimize IT inventory planning and procurement forecasts• Link IT assets to problem tickets to track the problem history of assets• Import legacy asset inventory into help desk asset repository

INVENTORY MANAGEMENTUSING WEB HELP DESK


18

INVENTORY MANAGEMENT AND REPORTINGUSING WEB HELP DESK


19

INVENTORY REPORTINGUSING WEB HELP DESK – ASSET REPORTS


20

INVENTORY LISTASSETS – LIST OR SEARCH ASSETS IN BROWSER


21

INVENTORY REPORTINGASSETS – WHD EXPORT TO EXCEL®


22

Dual Use


23

• NCM – automated daily DISA STIG and NIST FISMA compliance reports• Audit trail of when changes were made to network devices and firewalls

• UDT – track what is plugged into your network, and when and where• SAM, SRM – track serial numbers of hard drives• Asset reports, including assets in remote locations

• You can’t secure devices that you don’t know exist• Identify the more critical assets that contain sensitive data

• Help InfoSec understand that your SolarWinds tools can provide them valuable information about IT assets

DUAL USEHOW SECURITY PROFESSIONALS CAN GET VALUABLE INSIGHT INTO IT ASSETS THAT ARE ON YOUR NETWORK BY LOGGING ON TO YOUR ORION SERVER


24

Q&A


25

• Watch a short demo video: http://www.solarwinds.com/sedemo

• Download a free trial: http://www.solarwinds.com/downloads/

• Visit our Federal website: http://www.solarwinds.com/federal

• Call the SolarWinds Federal sales team: 877-946-3751

• Email federal sales: [email protected]

• Email our Government Reseller DLT®: [email protected]

• Follow us on LinkedIn® : https://www.linkedin.com/company/solarwinds-government

MORE ON SOLARWINDS


http://www.solarwinds.com/sedemo

http://www.solarwinds.com/downloads/

http://www.solarwinds.com/federal



https://www.linkedin.com/company/solarwinds-government

The SOLARWINDS and SOLARWINDS & Design marks are the exclusive property of SolarWinds Worldwide, LLC, and its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or

pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks, registered or pending registration in the United States or in other countries. All other trademarks mentioned herein are used for identification purposes only and may be or are trademarks or

registered trademarks of their respective companies.


q42015 solarwinds federal se webinar - best practices for it asset discovery: improving visibility...

Technology