Надо отличать процессы Asset Management и Configuration Management:
a.
Процесс Asset Management связан с определением ценных
объектов IT инфраструктуры и их владельцев, определения степени их
финансовой ценности, отслеживания жизненного цикла, местоположения и аудита
активов. Единицей управления является
актив.
Процесс Configuration Management связан с идентификацией компонентов систем, их атрибутов и
их взаимосвязей. Единицей управления является конфигурационная единица – КЕ (Configuration Item
- CI).
b.
В процессе Configuration Management отслеживаются все уникальные и
управляемые элементы ИТ инфраструктуры, в то время как в процессе Asset Management отслеживаются
только значимые конфигурационные элементы (активы).
Процессы Asset Management и Configuration Management взаимосвязаны:
a.
Эффективный процесс Asset Management использует информацию от Configuration Management и
использует CMDB как инструмент. Без CMDB Asset Management считает
просто хранилищем информации об активах без отслеживания их взаимодействия
b.
CMDB позволяет сгруппировать CI. Группировка CI может быть активом, к которому можно добавить
дополнительные атрибуты.
Процессы Asset Management и Configuration Management и IT Security
a.
Asset Management позволяет
выделять и отслеживать жизненный цикл активов, которые участвуют в процессе GRC
b.
Configuration Management позволяет выявить управляемые элементы инфраструктуры и
выявить их взаимосвязь, зафиксировать (snapshot) текущее состояние и отслеживать изменения для целей
управления рисками и управления активами.
c.
CMDB является хранилищем, в т.ч.
федеративным, инструментом для хранения
информации об объектах и их
взаимосвязях. Совместно используется Configuration, Asset и Change Management.
Тезисы:
Asset management is a subset of configuration management. In configuration
management all CIs are tracked. In
asset management, only CIs that exceed a certain cost value threshold are
tracked.
All CIs in the CMDB
that are also considered to be an asset will be assigned additional
attributes to aid in managing the CI from financial and property management
perspectives.
Configuration management is the process of:
• identifying configuration items
(components of systems and subsystems)
• managing information about the
configuration items (attributes and relationships) in a configuration
management database (CMDB)
• controlling the CMDB by ensuring
the accuracy of configuration item (CI) attributes and relationships, and by
updating the CMBD to reflect changes to CIs
• providing status monitoring of
the CMDB to ensure that CIs are tracked in accordance with their life cycle stage
(planned/ordered, received, tested, operational, retired)
• verifying CIs by auditing the
CMDB against actual configurations and the change management history
Asset management is a process that focuses on
accounting. The main goals of asset
management are:
• identifying asset custody
• managing the financial life cycle
of an asset, including acquisition costs, depreciation and
retirement/disposal
• verifying the physical location
and condition of an asset through audits
|
|
| If a customer is tracking assets, without currently tracking the costs associated to those assets, CMDB Solution 7.0 may be all they need at the current time. This would be whether or not they are using just the resource types that are shipped with the product or their own custom types. If however, they are tracking costs or are tracking software licenses, they need to wait for Asset Management Solution 7 before migrating. There are 'Asset Administrator', 'Asset Worker', 'CMDB Administrator' and 'CMDB Worker' |
|
 |
|
| Asset Mgmt adds functionality on top of the CMDB - contracts, s/w license mgmt, total cost of ownership, outage/availability windows, links with Change Mgmt, etc. | https://communities.bmc.com/communities/message/208912 |
The CMDB is only an instrument to hold the
data for Asset Management.
So, think of Asset
Management as the interface where you will do most of your manual CI creation
as well as Life Cycle Management of CI's
Not all Assets are
CI's and not all CI's are Assets.
An expensive oak
desk for your CIO might be an asset, but it isn't a CI. A Logical Business Service which underpins
a Service Offering in your Service Catalog is a CI (you most certainly had
better be managing it via Change and Incident) but it has no intrinsic value
so is not an Asset.
|
|
In CMDB environments, assets are managed at
the relationship level, also known as the configuration item (CI) level. This, we believe, does not
provide the needed amount of detail, giving IT professionals only limited
insight into the systems they oversee. ITAM solutions, on the other hand,
manage IT systems at the asset level. This approach provides greater insight
into an asset’s properties and history
|
|
The difference between CMDB and simple asset
management is that the CMDB also refers to relations between assets, and
relations between assets and their users.
The CMDB keeps the
history of the asset and the relationships between assets and owners.
This snapshot can
then be used as a fixed picture of the original state of your network, so you
will be able to track the changes in relation to this baseline.
|
|
The discovery
database represents a non-real time view of the asset fields and
configuration information which can be collected over a network.
The asset repository
extends this data into areas which are not electronically collectible, such
as contract, financial, asset tag, procurement, location, allocation to user
or business unit and so on. Repository is not a control view – more of a kind
of dumping ground for the latest asset information. Some discovery tools try
to emulate this but typically are not very successful or complete in their
treatment of the problem.
Asset repository
offers asset information but also light depreciation tracking capabilities to
the finance department.
CMDB is in effect an evolution of the asset
repository which is ITIL integrated. The key difference is that alongside the
data in an asset repository change, problem, incident and often release
information / objects also exist in the database and are managed constantly
by service desk, change and configuration relationship administrators and
processes.
Most companies start with discovery, then
license repository, then progress to asset repository medium term, followed
by CMDB longer term.
|
|
    |
|
The CMDB, by both
its nature and its definition, focuses on resource versions and
relationships. An asset repository, on
the other hand, is focused on resource ownership and
availability. The concept of a CMDB is to provide the
ability to map key intangible assets, like services, to tangible resources,
like hardware and software. Asset
Management
focuses on ownership and availability.
Configuration Management focuses on assembly of resources, and Change Management focuses on
managing risks and governance.
Asset Management is
linked to a financial strategy, and Configuration Management is linked to a
risk management strategy.
|
|
  |
bmc cmdb howto.pdf
|
Benefits of the
nCircle Configuration Compliance Manager and HP Universal CMDB integration. Through
this integration, nCircle Configuration
Compliance Manager acts as the security policy. Compliance assessment engine for assets in the HP
Universal CMDB (such
as servers, desktops, laptops, routers, switches, and other IP-addressable
assets), giving users of HP Business Availability Center solutions a
continuous view into the compliance status and risk score of specific assets
and associated changes. The integration of nCircle Configuration
Compliance Manager
with HP Universal CMDB provides a number of significant benefits, including:
• Automatic
identification and analysis of the security
risk or compliance
impact of changes to the IT
operating
environment
• Ability to apply pre-built or custom policies to
particular assets or groups of assets
• Inclusion of security risk score and compliance status
in the HP Universal CMDB
• Decrease in the time to resolution for availability
issues caused by security risks or compliance
deviations
|
|
 |
х.з.
|
The
Risk Control analytical engine normalizes the information into a CMDB, creates a model of the network, and incorporates Skybox vulnerability
content with intelligence about the likelihood and severity of potential
attacks. A Skybox IT risk assessment is done from the attacker’s point of
view – identifying possible access paths and the security gaps that can be
used to reach critical assets.
|
|
CMDB,
allowing companies to leverage their existing IT infrastructure and
investments. One key advantage is that new entities are automatically added
to risk and compliance assessments.
Asset ownership and automatic detection of entities via risk and compliance
assessments solves manual assignment of the compliance assessment to the
correct asset owner as well as continuous compliance of new assets entered
into the IT environment.
|
|
Conclusion is, that an IT Asset and a CI can point to
the exact same IT Object, they only enlight different aspects of it. In this
case, the Asset usually comes to life before the CI and lifes longer than the
CI. This because
a) you need
money to buy the server; and only after installation you can offer services
on it and
b) the moment
no more services run on the server it may still cost money; at least for
disposal…
Of course it is possible that you manage IT Objects as
assets only because you have no (or not yet) urge to also control them for
service management) or you handle IT Objects as CIs only (because your are
not interested to manage the financial / value aspect…) .
So, the answer to the question: “What is the difference between IT-Asset and a CI” is: “That depends on what do you want to do with
the IT Object”.
|
|
 |
CMDB%20_HK_Mar07-CMDB_Workshop_Don_Page.pdf
|
The
primary difference between a CMDB and
a standard asset database is the relationships between CIs. By using a CMDB,
you can look up a server, identify its owner, and know
that taking it offline will cause your organization’s email system to go
down. While valuable, to be used in this manner, a CMDB needs to remain
accurate.
|
Комментариев нет:
Отправить комментарий