Improving Security with ITIL: Start with a Configuration Management Database (CMDB)
Keeping infrastructure secure begins with managing it well. This, in turn, begins with knowing what you have, where it is and how it is configured. A number of ITIL best practices build on the use of a configuration management database (CMDB). If you in the market for one, what should you look for and what can you expect?
For starters, the CMDB should account for all assets, logical as well as physical. It should support change management and incident management (especially important from a security perspective). The CMDB should also have the ability to verify configuration data and update the database without a lot of manual intervention.
Many commercial CMDBs do not require agents on client devices. This is a big plus, the last thing you need is yet another piece of software on every client to configure and manage.
The CMDBs should be scalable but that should not be difficult. All the major commercial relational database management systems support federation.
Look for high end reporting, especially impact analysis. A alphabetical list of laptops is nice but that won’t cut it when it comes to understanding dependencies between devices.
Finally, and this could be a big distinguishing feature among products, look for how the CMDB integrates with out system management and service support tools, like ticket management systems. The most valuable CMDB is not an island but integrated with the overall management process.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
