My knowledge base

среда, 11 июля 2012 г.

Asset Management vs Configuration Management


                      Надо отличать процессы Asset Management  и Configuration Management:

a.       Процесс Asset Management связан с определением ценных объектов IT инфраструктуры и их владельцев, определения степени их финансовой ценности, отслеживания жизненного цикла, местоположения и аудита активов.  Единицей управления является актив.
Процесс Configuration Management связан с идентификацией компонентов систем, их атрибутов и их взаимосвязей. Единицей управления является конфигурационная единица – КЕ (Configuration Item - CI).
b.      В процессе Configuration Management отслеживаются все уникальные и управляемые элементы ИТ инфраструктуры, в то время как в процессе Asset Management  отслеживаются  только значимые конфигурационные элементы (активы).    

Процессы Asset Management и Configuration Management взаимосвязаны:

a.       Эффективный процесс Asset Management  использует информацию от Configuration Management и использует CMDB как инструмент.  Без CMDB Asset Management считает просто хранилищем информации об активах без отслеживания их взаимодействия
b.      CMDB позволяет сгруппировать CI. Группировка CI  может быть активом, к которому можно добавить дополнительные атрибуты.

Процессы Asset Management и Configuration Management  и  IT Security

a.       Asset  Management позволяет выделять и отслеживать жизненный цикл активов, которые участвуют в процессе GRC
b.      Configuration Management позволяет выявить управляемые элементы инфраструктуры и выявить их взаимосвязь, зафиксировать (snapshot) текущее состояние и отслеживать изменения для целей управления рисками и управления активами.
c.       CMDB  является хранилищем, в т.ч. федеративным,  инструментом для хранения информации об объектах  и их взаимосвязях. Совместно используется Configuration, Asset и Change Management.
Тезисы
Asset management is a subset of configuration management.  In configuration management all CIs are tracked.  In asset management, only CIs that exceed a certain cost value threshold are tracked.

All CIs in the CMDB that are also considered to be an asset will be assigned additional attributes to aid in managing the CI from financial and property management perspectives.

Configuration management is the process of:
•             identifying configuration items (components of systems and subsystems)
•             managing information about the configuration items (attributes and relationships) in a configuration management database (CMDB)
•             controlling the CMDB by ensuring the accuracy of configuration item (CI) attributes and relationships, and by updating the CMBD to reflect changes to CIs
•             providing status monitoring of the CMDB to ensure that CIs are tracked in accordance with their life cycle stage (planned/ordered, received, tested, operational, retired)
•             verifying CIs by auditing the CMDB against actual configurations and the change management history

Asset management is a process that focuses on accounting.  The main goals of asset management are:
•             identifying asset custody
•             managing the financial life cycle of an asset, including acquisition costs, depreciation and retirement/disposal
•             verifying the physical location and condition of an asset through audits


If a customer is tracking assets, without currently tracking the costs associated to those assets, CMDB Solution 7.0 may be all they need at the current time. This would be whether or not they are using just the resource types that are shipped with the product or their own custom types. If however, they are tracking costs or are tracking software licenses, they need to wait for Asset Management Solution 7 before migrating. There are 'Asset Administrator', 'Asset Worker', 'CMDB Administrator' and 'CMDB Worker'

Asset Mgmt adds functionality on top of the CMDB - contracts, s/w license mgmt, total cost of ownership, outage/availability windows, links with Change Mgmt, etc. https://communities.bmc.com/communities/message/208912

The CMDB is only an instrument to hold the data for Asset Management.
So, think of Asset Management as the interface where you will do most of your manual CI creation as well as Life Cycle Management of CI's
Not all Assets are CI's and not all CI's are Assets.
An expensive oak desk for your CIO might be an asset, but it isn't a CI.  A Logical Business Service which underpins a Service Offering in your Service Catalog is a CI (you most certainly had better be managing it via Change and Incident) but it has no intrinsic value so is not an Asset.
In CMDB environments, assets are managed at the relationship level, also known as the configuration item (CI) level. This, we believe, does not provide the needed amount of detail, giving IT professionals only limited insight into the systems they oversee. ITAM solutions, on the other hand, manage IT systems at the asset level. This approach provides greater insight into an asset’s properties and history
The difference between CMDB and simple asset management is that the CMDB also refers to relations between assets, and relations between assets and their users.
The CMDB keeps the history of the asset and the relationships between assets and owners.
This snapshot can then be used as a fixed picture of the original state of your network, so you will be able to track the changes in relation to this baseline.
The discovery database represents a non-real time view of the asset fields and configuration information which can be collected over a network.
The asset repository extends this data into areas which are not electronically collectible, such as contract, financial, asset tag, procurement, location, allocation to user or business unit and so on. Repository is not a control view – more of a kind of dumping ground for the latest asset information. Some discovery tools try to emulate this but typically are not very successful or complete in their treatment of the problem.
Asset repository offers asset information but also light depreciation tracking capabilities to the finance department.

CMDB is in effect an evolution of the asset repository which is ITIL integrated. The key difference is that alongside the data in an asset repository change, problem, incident and often release information / objects also exist in the database and are managed constantly by service desk, change and configuration relationship administrators and processes.

Most companies start with discovery, then license repository, then progress to asset repository medium term, followed by CMDB longer term.





The CMDB, by both its nature and its definition, focuses on resource versions and relationships.  An asset repository, on the other hand, is focused on resource ownership and
availability.  The concept of a CMDB is to provide the ability to map key intangible assets, like services, to tangible resources, like hardware and software. Asset Management
focuses on ownership and availability. Configuration Management focuses on assembly of resources, and Change Management focuses on managing risks and governance.
Asset Management is linked to a financial strategy, and Configuration Management is linked to a risk management strategy.



bmc cmdb howto.pdf
Benefits of the nCircle Configuration Compliance Manager and HP Universal CMDB integration. Through this integration, nCircle Configuration  Compliance Manager acts as the security policy. Compliance assessment engine for assets in the HP
Universal CMDB (such as servers, desktops, laptops, routers, switches, and other IP-addressable assets), giving users of HP Business Availability Center solutions a continuous view into the compliance status and risk score of specific assets and associated changes. The integration of nCircle Configuration
Compliance Manager with HP Universal CMDB provides a number of significant benefits, including:
• Automatic identification and analysis of the security
risk or compliance impact of changes to the IT
operating environment
• Ability to apply pre-built or custom policies to
particular assets or groups of assets
• Inclusion of security risk score and compliance status
in the HP Universal CMDB
• Decrease in the time to resolution for availability
issues caused by security risks or compliance
deviations

х.з.
The Risk Control analytical engine normalizes the information into a CMDB, creates a model of the network, and incorporates Skybox vulnerability content with intelligence about the likelihood and severity of potential attacks. A Skybox IT risk assessment is done from the attacker’s point of view – identifying possible access paths and the security gaps that can be used to reach critical assets.
CMDB, allowing companies to leverage their existing IT infrastructure and investments. One key advantage is that new entities are automatically added to risk and compliance assessments. Asset ownership and automatic detection of entities via risk and compliance assessments solves manual assignment of the compliance assessment to the correct asset owner as well as continuous compliance of new assets entered into the IT environment.
Conclusion is, that an IT Asset and a CI can point to the exact same IT Object, they only enlight different aspects of it. In this case, the Asset usually comes to life before the CI and lifes longer than the CI. This because
    a) you need money to buy the server; and only after installation you can offer services on it and
    b) the moment no more services run on the server it may still cost money; at least for disposal…
Of course it is possible that you manage IT Objects as assets only because you have no (or not yet) urge to also control them for service management) or you handle IT Objects as CIs only (because your are not interested to manage the financial / value aspect…) .
So, the answer to the question: “What is the difference between IT-Asset and a CI” is:  “That depends on what do you want to do with the IT Object”.

CMDB%20_HK_Mar07-CMDB_Workshop_Don_Page.pdf
The primary difference  between a CMDB and a standard asset database is the relationships between CIs. By using a CMDB,
you can look up a server, identify its owner, and know that taking it offline will cause your organization’s email system to go down. While valuable, to be used in this manner, a CMDB needs to remain accurate.

Комментариев нет:

Отправить комментарий