I don't know of any BMC marketing material on it. Usually it is the customer testimony that does it for people... if they are willing to budge.
I would be tempted to go to one of your people who is responsible for dealing with intrusion attempts coming across your web servers. Look in the logs they should be reviewing. Do you see targeted IP's or targeted servers? If those intrusions succeed, what services and service users are at risk? If the initial intrusion report references an IP, you really should be able to start your research effort from IP endpoints in your CMDB. Your network and/or firewall people are the ones who will probably care the most about this. IP CI's aren't just conveniences any more than street addresses are for snail mail. The links between IP endpoints and MAC address endpoints is something a network person will know. There IS a distinct possibility you won't need them directly in the CMDB because they probably have them in another system. If you have to flex on this, consider a federated approach. Let the data owners retain it where they want it, but arrange things so you can point to it all. If you operate in a very secure environment, the links between logical and physical network layers IS useful, but non-network people usually get lost in the details. -al -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Koyb P. Liabt Sent: Tuesday, June 18, 2013 12:38 PM To: arslist@ARSLIST.ORG Subject: Fwd: LAN Endpoint, NICs Remove? ** Hi, I explained that the NIC is connected to the computer, the switch, the network router perhaps, the T1, the LAN segments, etc... allowing us to assess the impact for an outage, upgrade, etc... This did not seem to matter. I need to be able to communicate the value in "user-friendly terms." I was asked if there was any documentation to show this relationship and the importance of the NIC info. Is there any documentation on the BMC website that would illustrate how this is valuable for the business? ************* Some monitoring and logging tools report issues they spot by IP addresses. What your CI's let you do is start at that point and then look at the tree of related CI's to see what is behind the IP. If you've populated the CMDB well enough, you could know servers and apps and affected user groups quickly. If you remove your IP endpoints, you'll have to manually look them up to find the server and then return to the CMDB to see the tree again. If 130K CI's are causing performance issues, it is probably because of the way they are being used rather than their existence in the CMDB. Look to how they are presented to the user. Is someone doing a query that returns them all? Is the UI used too crude to allow chunking or a narrowing of a search? -al ________________________________ From: tekkyto...@aol.com To: ARSLIST@ARSLIST.ORG Sent: 6/18/2013 1:04:33 P.M. Eastern Daylight Time Subj: LAN Endpoint, NICs Remove? Hi All, For performance reasons, our Manager is talking about removing all the NIC device CIs info from the CMDB because there are 130,000 NIC CIs that we loaded into the CMDB from another repository. The NIC info we are discovering includes attributes such as: Default Gateway, DHCP Server, DNS domain, IP Address, MAC address, IP Subnets, DHCP Enabled (yes/no), Host Name, IP Enabled, product classification, etc.. Remedy is being used for incident management, change management, asset management, BSM, Analytics, configuration management, SRM, etc… This is still a relatively new implementation and has not matured. I need to communicate the value of keeping this NIC CI data or the value of removing this data. Does anyone have any suggestions? The Manager was asking “Why do we need to see the MAC address/IP Address in Remedy? What value is this for support or our business? – I can go to another system if I need this MAC/IP address. How does this help?” The next step would be to stop discovering NICs /network devices from ADDM also. No one has introduced Remedy to the Network team. The server team has not really been educated on the Remedy tool either. The tool has been mainly used for submitting tickets for incident/change. I explained many points of why we need this data. However I would like to know your thoughts. How is this network data critical/valuable to our business? _ARSlist: "Where the Answers Are" and have been for 20 years_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
smime.p7s
Description: S/MIME cryptographic signature