FireMon Asset Manager is a powerful solution that indexes a prodigious volume of data. Yet too much of a good thing—including information---can overwhelm. For this reason, Asset Manager is designed to be configured incrementally.
Once the settings have been satisfactorily tuned and baselined for one zone of your network, that zone is explored using additional protocols, with additional discovery types, and with other options enabled, yielding a network that is increasingly known, analyzed, and understood by your organization. This approach brings Asset Manager online in your environment deliberately and uses it to generate result sets that are reasonably sized, digestible, and actionable.
Customer after customer has found that Asset Manager tends to amplify the capabilities of other security systems running in their network. Ultimately, Asset Manager helps customers first to achieve and then maintain the state of continuous network situational awareness.
| Anchor | ||||
|---|---|---|---|---|
|
Asset Manager is designed to be deployed incrementally, with a constrained discovery area gradually expanded in scope to encompass the whole of your network. This caps the volume of information generated to an amount that can be addressed reasonably by your troubleshooting teams. It also minimizes the information you need to input into the system to get started.
...
In preparation for discovery, you'll also need to associate collectors with areas to monitor and areas to avoid. Collectors go to their Targets, drop further interrogation after Avoids, and halt at Stops. The IP/CIDR list defines the coordinates within which discovery activities take place. At the collector level, scope coordinates are located in the Discovery Spaces tab. The Asset Manager system appends discovered routes and IPs to its internally managed Target list. The Discovery Spaces Target List illustrated here, however, shows only those Targets input manually or imported by system users like you.
- Target list governs where collectors send packets during active and targeted discovery.
- Avoid list itemizes those areas of a network that should not be probed during monitoring such as an affiliated company’s subnet. Asset Manager drops further interrogation of discovered devices and routes that are in the Avoid list.
- Stop List contains address points at which path discovery will halt. Probes beyond that address space cease. The Stop list serves as another way to prevent access to off-limit areas of a network.
...
At the conclusion of this process, you'll have a clear definition of where you want to send discovery packets and where you don't. You'll know the network segments to which you'll connect your Asset Manager, and you'll have enough information to set up a zone and configure Collectors. In brief, you'll have devised a vantage point from which to start observing a segment of your network.
| Anchor | ||||
|---|---|---|---|---|
|
Your preliminary discovery configuration will allow you to exercise Asset Manager in a small target area of your network to see if it returns the results you expected.
...
Can you see what you want to see and what you anticipated seeing? That's excellent!
Your successfully configured zone is now running and will continue to run. Asset Manager will provide your enterprise with continual awareness (i.e., network situational awareness) about the core infrastructure segment you just successfully configured. That awareness is conveyed in the form of analyses, reports, notifications, and topology maps.
| Anchor | ||||
|---|---|---|---|---|
|
Continue to add zones that represent other enclaves and other uni-purposed aspects of your infrastructure such as Credit Card Zone, Classified Data Zone, Finance Zone, WiFi Zone, Guest Zone.
...