How does it work?
Asset Manager employs a hybrid approach to continuous monitoring for network situational awareness.
Collectors are associated with discovery configurations. These configurations describe the instructions a collector must execute via a Command Center or Scout interface and the data the collectors must bring back to the Command Center for analysis. The results populate analytic tools: Dashboards, Maps, Reports.
As new targets are discovered using passive, active, or targeted discovery, and as you tune your configuration settings, continuously and in real-time.
- Discoveries trigger new threads of collection activity.
- Results are refined and broadened to the outermost network perimeter.
- Reports are generated.
- Maps display newly discovered entities.
- Notifications to stakeholders are released.
From a functional perspective, Asset Manager performs the following
- Discovers network devices and routes.
- Determines hardware and operating system profiles for your network devices including device type, hardware vendor, hardware model, OS, and OS version.
- Alerts you on anomalies meeting the criteria you set.
Asset Manager indicates when a device is leaking, whether a device is answering on unexpected TCP ports, whether it discovered unknown networks or connections, or any other information that may be deemed anomalous based on either Asset Manager best practices or your organization's network policy.
From an operations perspective
- A Network and Security analyst categorizes network findings as Known, Internal or Anomalous and initiates remediation.
- Collectors are configured such that anomalies and the unknown aspects of a network are continually diminished toward nil and your network operates in a state of network situational awareness.