Tracking assets in a heterogeneous IT environment

IT departments today find themselves in the unenviable position of managing increasingly heterogeneous environments. That's a problem when the time between the announcement of a vulnerability and the appearance of code designed to exploit that vulnerability has shrunk from months to days.

This article looks at how IT professionals can protect an organization's critical infrastructure by taking a more holistic approach to cybersecurity, part of which includes understanding your IT environment by being vigilant about discovering and tracking hardware and software assets.

The challenge: rein in complexity

Most enterprise infrastructures today consist of multiple devices, operating systems, and applications that have diverse security and availability requirements. Because of that, enterprises have had to rely on fragmented, multi-vendor solutions to provide everything from intrusion prevention and policy compliance to patch management, high availability, backup, and data recovery. Since such a strategy involves deploying and supporting an array of independent products and services, it can be complicated, time-consuming, and costly from an administrative standpoint, making it a major drain on IT productivity.

It's also impractical given today's threat environment, in which malicious code capable of exposing confidential information is increasing dramatically. Consider this: In the first six months of 2005, malicious code that exposed confidential information represented 74% of the top 50 malicious code samples reported to Symantec, up from 54% the previous six months. In that same time period, the time between the disclosure of a vulnerability and the release of an associated exploit was a mere six days.

Needed: a more holistic approach

Protecting an increasingly complex IT environment from a growing number of threats requires a holistic approach. In a holistic approach, an alert would trigger an assessment of an enterprise's IT environment, identifying systems vulnerable to attack. The process would automatically determine the patch status of all systems within the IT environment, update patches in unprotected systems, and information garnered about potential attacks would automatically prompt more frequent backups, from desktop PCs to corporate data centers. These actions would also produce an automated audit trail that helps companies meet regulatory compliance.

Such an approach can help organizations align the right people, processes, and technologies required to build resilience into their entire infrastructure—from storage, critical servers, essential applications, network gateways, down to individual clients.

A key component of this approach is the ability to identify and track all hardware and software assets, including all changes. After all, the more knowledge an organization has about these IT assets, the more control it has over its infrastructure. This control then helps organizations keep their IT infrastructures secure, available, and compliant with corporate standards.

Creating a comprehensive inventory

Effective control of assets starts with a comprehensive inventory that includes information about each computer or other network device, a list of all installed software, and the physical location of each device. In order to maintain continued control of network assets, it is also necessary to perform ongoing audits and generate comprehensive reports to understand the state of the infrastructure at any given time.

With an asset inventory system, an IT organization can fully understand where devices are located and how they're configured, as well as track a complete history of when any changes have taken place.

An asset inventory system also keeps machines secure and available by scanning for and identifying malicious applications and file types. Alerts can automatically notify administrators when specific changes occur, such as removal of memory or unauthorized software installation.

In addition to helping an organization stay in control of its IT environment, an asset inventory system can help reduce costs by:

• Decreasing software licensing costs by reclaiming or reallocating unused or redundant software licenses based on installation and usage reports

• Mitigating the risk of licensing non-compliance, including fines and legal action due to oversubscribing software licenses

• Automating manual inventory audits to maintain a more effective and accurate assessment of your IT assets

What to look for

IT organizations should consider the following issues when evaluating asset inventory systems:

• Discovery. Does the system provide complete discovery of all network devices across multiple locations or operating systems, including desktops, notebooks, servers, routers, and printers?

• Agent-based inventory management. Does the system provide detailed reports of all hardware and software information on network devices, such as processor types, BIOS dates, MAC addresses, disk capacities, available memory slots, software versions and installation dates, and file types?

• Multiplatform capabilities. Does the system support a heterogeneous environment, including Windows, Linux, UNIX, and Mac platforms?

• Speed. Does the system provide fast, non-invasive auditing of hardware and software?

Conclusion

An effective asset inventory solution enables IT organizations to more fully understand where devices are located and how they're configured, as well as to track a complete history of when any changes have taken place. Tightly integrating asset management and tracking to system management processes can help organizations keep their IT systems operating regardless of what happens. That's the ultimate payoff for taking a holistic and proactive approach to cybersecurity. In the words of Symantec CEO John Thompson, "It's time to do more than raise red flags and block threats."