CMDB Application Mapping Explained
CMDB stands for Configuration Management Database; CMDB helps with tracking changes of software or hardware throughout their life cycle
CMDB Application Mapping is an integral part of CMDB because it helps keep track of which applications are installed on each server in your environment; this can help you determine where vulnerabilities might be located so you can fix them before they become a problem!
CMDB Application mapping is used in CM DB to map relationships between applications and servers - when there's no connection, that means there may be some vulnerability still lurking somewhere within your configuration management system
5 components involved in CMDB application mapping :
It is essential to identify the components in CMDB application mapping and understand how they are related. Understanding these relationships will help you determine what information should be mapped, as well as where it can be found. These include:
- Software inventory: This is the list of all software running on your network. It includes OS, web server type and version, database management system (DBMS), and performance. You can also have applications that provide a service to other applications like directory services or firewalls. The purpose of this part of CMDB application mapping is to know what information needs to be updated in case there's an issue with any one of these pieces of software.
- Business data inventory: Information about databases including name, vendor, DBMS type and version; mail servers including domain, IP address, RAS port number; Active Directory domains alongside attributes such as Trust Relationships between each part. This information can be stored in multiple locations since many organizations have different departments with overlapping responsibilities for managing specific aspects of their company's IT environment.
- Asset inventory management (AIM): Is the process of tracking and managing assets throughout their life cycles. The goal of AIM is to provide a single source for information about an asset's location, status, maintenance requirements, and current value. Asset inventory management can be performed manually or with a computer-aided system. It's an essential aspect of any enterprise asset inventory, which helps identify gaps like licensing, service level agreements, and performance metrics. Failing to consider all the assets in your organization's environment can lead to severe issues, such as incorrect inventory records or missing items.
- Relationships between assets and applications: The first step in mapping the relationships between assets and applications involved in CMDB application mapping is identifying the set of possible relationships that are relevant for the organization's needs by determining which ones apply across its entire scope or within domains such as business services, software, hardware, or networks.
- Configuration items: The Configuration Items in CMDB application mapping are the applications to which a configuration item is mapped. This field includes one or more configuration items and is used for various purposes, such as assigning ownership of a configuration item, documenting dependencies between two configurations items, etc. Configuration Items can have more than one identifier, such as a name, ID number, or pathname.
Approaches in CMDB application mapping :
Approaches are taken based on circumstances, and we will be exploring four approaches that you may find helpful these include:
- Top-down mapping starts with a high-level view of all applications and their dependencies, then zeroes in on specific groups or applications. This approach typically involves creating an initial model before any data has been collected.
- Bottom-up mapping begins by collecting data from individual systems (e.g., servers), then moves up to higher levels of abstraction when possible (e.g., server clusters). The goal is to identify just enough detail about each system's components that it can be accurately mapped into the top-level model without ambiguity as it relates to other parts of the model.
- Active Directory - This approach is based on the idea that their directory location or domain name should map applications. So, if an application resides under \\domain.com\app-directory, it would be considered mapped as \\domain.com\app-directory within CMDB, even though it's not hosted there physically. The benefit of this approach is its simplicity; however, some people have found that mapping can become cumbersome with more than one application per server.
- Another approach is to use the physical location of an application- The benefit here is that it's easy for people to map applications by their location (or at least work out where they are). However, if you have two applications on one server or more than one service with the same name, this can get confusing. For example: \\server-name\app-directory and \\server-name\anotherapplication will both be mapped as \\\"server-name\\\" in CMDB even though there might be a clear distinction between their purposes.
Use cases for CMDB application mapping :
This allows you to know which devices need upgrading or replacing and lets you plan better when software patches come out--which you'll know ahead of time.
Availability Analysis and Planning: The availability of the applications should be analyzed to identify the impact on other applications, services, and processes. This will help plan for contingencies when a failure occurs, or new service needs are identified.
- Cost allocation: The Cost allocation in CMDB application mapping is a planning process. It can be used to allocate the cost of IT investments for any project. The plan defines how much should be spent on each phase, what charges are incurred when an activity starts and stops, and who bears those costs.
- Risk analysis: Risk analysis is a crucial step before designing and deploying an enterprise service catalog. All stakeholders need to be aware of the risks involved with implementing this type of solution and how they can be mitigated or eliminated.
- Impact analysis: An impact analysis is a process that helps teams understand how changes to the system affect other systems. It quickly identifies the dependencies between two or more systems and highlights which ones are impacted by the change, what those impacts are, and how serious they are. The impact analysis should be done before any significant CMDB application mapping effort, like adding a new application or service into your CMDB database.
- Cause & effect analysis: The Cause-and-Effect Analysis (CAE) in CMDB Application Mapping (CAM) looks at software applications running on your system and where they execute from. This can help you determine whether an application is causing performance issues for other applications on your system, which means you will need to adjust accordingly, so everything runs smoothly again!