Today’s organisations face many challenges as they drive digital transformation, manage evolving working practices, and modernise their infrastructures.
IT continues to grow more complex; from a hybrid, distributed workforce and continuous security challenges to increasing market pressure, today’s environment increases the demands on service and operations teams. Also, IT must understand every aspect of the environment and its use. However, this understanding cannot be gained using labour-intensive manual processes that struggle to capture the entire picture. The resulting lack of visibility into applications and dependencies affects migration planning, licence management, capacity optimisation, security, service availability, and integrations with IT service management.
A lack of visibility is like driving with a blindfold. Not only does it leave IT asset management professionals unsure of what they must protect from risk, leaving endpoints potentially vulnerable, but it also means data management and disposition is much harder to achieve compliantly. TES, “IT asset management risks in 2021 and beyond…”
At Tekwurx, we understand the role of automated asset discovery in resolving these issues and how it is the starting point of many organisations’ asset management strategies.
BMC Helix Discovery provides real-time visibility into hardware, software, and service dependencies across multiple environments. Helix Discovery handles the complexity of managing a broad spectrum of configurations, including mainframe, traditional infrastructures, and container management in multi-cloud and on-premises environments. It discovers physical and logical components, including virtual machines, servers, storage, databases, and applications. Helix Discovery also includes the ability to model business applications, which many customers use to assist with IT service management processes.
We originally developed Tekwurx uControl to help customers reduce the time and cost of building and maintaining business application models. Since the first release, customers benefited from the automated workflows in uControl to model their applications efficiently and manage changes to the model over time.
With the release of version 8, uControl answers many more of the commonly asked questions around asset discovery, such as:
- Do we understand the current asset landscape and whether we have discovered everything?
- How do we keep our automated discovery tool up-to-date with IP ranges/addresses and simplify our administrative tasks?
- How do we identify discovery blind spots and discover what our discovery tool doesn’t know about?
- How do we proactively identify issues with discovery and ensure that these are being remediated?
- Can we automate getting the discovery issues to the correct teams and track this within our service desk?
These and other use cases are described below.
Use case #1: advanced discovered data analytics.
We introduced an advanced data analytics engine in Tekwurx uControl v8 that provides the platform to rapidly develop the additional functionality to meet the complex use cases that our customers requested. Once we have the data in uControl, the analytics engine can “slice and dice” it to answer many asset-related questions, including:
- Compare data sets to understand the differences, enabling remediation to close gaps in auto-discovery.
- View trends in the application modelling process, asset discovery or decommissioning.
- Identify and report on discovery issues by business unit, owner, or support group.
- Streamline data inventory to identify blind spots and unscanned systems.
- Enable rapid vulnerability assessment.
Use case #2: understand complex asset relationships.
Understanding the relationships between assets is central to managing ever-changing and increasingly complex IT infrastructure. Tekwurx uControl ingests asset data from any source, which is reconciled and normalised to ensure the upstream systems receive accurate and complete data.
CIs may be enriched by adding custom categories that contain business context data, such as the business unit, hosting environment, location tags or lifecycle details.
Tekwurx uControl synchronises discovered and non-discovered CI data with commonly used CMDB, reducing manual effort and potential errors.
Use case #3: improve discovered data quality.
As well as understanding what assets you are managing, you need to be able to trust the data.
We’ve heard customers tell us often that they have a CMDB but that no one uses it because the data is inaccurate or incomplete.
The advanced analytics engine in Tekwurx uControl compares data sets to identify and report on gaps and missing attribute data. Analysis of server attributes highlights those that need to be completed.
Use case #4: advanced reporting.
Tekwurx uControl includes a set of out-of-the-box reports that cover most discovery scenarios. uControl’s Report Studio allows users to create custom reports and dashboards from all data in the uControl database.
Tekwurx uControl reports can run from inside BMC Discovery and may be assigned to specific users or teams to control access.
Reports can be exported in various formats, emailed, and integrated with Microsoft Teams and SharePoint to share across an organisation.
Use case #5: asset blind spot detection.
One of our customers uses BMC Discovery to scan their IT estate. The SecOps team use Rapid7 to discover security risks across the server endpoints.
The customer needed help understanding where they had gaps in Rapid7 monitoring, a potential security risk.
We deployed Tekwurx uControl to import and compare the discovered assets held in BMC Discovery with those in Rapid7. The advanced analytics engine in Tekwurx uControl compared:
- The servers monitored by Rapid7 are not in BMC Discovery.
- The servers in BMC Discovery that Rapid7 does not scan.
- The current discovery status for servers that Rapid7 watches.
We provided a dashboard to the SecOps team, clearly showing the gaps in the Rapid7 deployment and providing remediation targets. The customer also used this analysis to highlight discovery failures in BMC Discovery.
Before the integration, they had a massive list of failures and could not differentiate between REAL failures and what was just “noise.”
Use case #6: integration.
Tekwurx uControl is designed to be the central processor of CI asset data. We can ingest data from many sources via JDBC and REST APIs, including CMDBs, auto-discovery tools, and flat files. We can also pull data directly from vSphere and vCenter, LeanIX, and import subnet information from IPAM systems.
This approach allows customers to bring all their assets (discovered and non-discovered) into one place and can analyse, normalise, and send accurate CI data to downstream systems, including CMDBs, service desks, Microsoft Teams, and SharePoint.
Use case #7: event alerting & notification.
Tekwurx uControl keeps users notified and raises events throughout the asset lifecycle. Events are sent directly to the service desk or via email to the correct teams for remediation. Users are advised of asset discovery issues throughout the application modelling, CMDB synchronisation or discovery system management. Example use cases include:
- Notify users of the following activities during the business application modelling workflow.
- Raise events against application model drift, i.e., as new connections & dependencies or deletions are identified.
- Set up regular service reviews to ensure application models are up to date.
- Notifies new owners or teams of models that are assigned to them.
- Receive alerts for import failures.
- Notifies if there are CMDB synchronisation errors.
Use case 8: advanced CMDB integration.
An out-of-the-box integration between TekWurx uControl, BMC Atrium and ServiceNow CMDBs enables near-real-time updates, all configurable through a point-and-click interface.
Integrating with CMDBs enables uControl to build application models and services using discovered and non-discovered assets.
Users can modify attributes and class mappings through a “no-code” approach.
- Tekwurx uControl supports application component synchronisation to support service modelling.
- Import ServiceNow Discovery data to support service modelling, gap analysis and blind spot reporting.
- Single click to publish application models to one of many classes depending on requirements.
- Multi-level filtering ensures that only the required data from the CMDB is imported and used in uControl.