What is discovery and dependency mapping?
- 03 May, 2021 17:15
Try asking IT for data on the development, test, production and disaster recovery environments in the data centre and public clouds like Amazon Web Services (AWS) or Azure. It’s a straightforward question, yet answering it accurately and without going through a time-consuming audit is difficult for many IT operations departments.
Service configuration management is a core ITIL (Information Technology Infrastructure Library) management practice, and the CMDB (configuration management database) is the data warehouse that stores information on IT assets. IT’s task is to load and maintain the CMDB with accurate, up-to-date, comprehensive information. Maintaining the CMDB is a significant challenge for organisations that have large IT footprints or that make frequent changes using devops CI/CD automations to deploy applications and IaC (infrastructure as code) to configure multicloud infrastructure.
Enter DDM (discovery and dependency mapping) tools that scan networks to extract configuration information and update CMDBs with accurate data. A DDM is essential for organisations with large data centres and cloud infrastructures and can be a game changer in improving ITSM (IT service management) processes, such as incident management or change management.
DDM tools are often a data source for AIops or machine learning capabilities and are a form of hyperautomation when combined with low-code automation, workflow, and integration tools. For example, categorisation engines can use DDM’s data to group systems, or anomaly detectors can flag outlier flow patterns.
DDM-powered CMDBs scan autoscaling infrastructure for changes
A typical CMDB stores information on CIs (configuration items), including the configurations of network devices, servers, virtual servers, cloud instances, applications, web services, databases, storage configurations, and other infrastructure components. Many CMDBs capture dependencies between CIs and allow rolling them up into business services.
CMDBs may be part of an ITSM platform or an independent product. Top platforms include Atlassian Insight, BMC Helix, Cherwell CMDB Software, CloudAware CMDB, IBM Control Desk, Ivanti Asset Manager, ManageEngine CMDB, Micro Focus Universal CMDB, ServiceNow CMDB, Proactivanet Discovery and Asset Management, Symphony SummitAI, Virima CMDB, and many others.
Keeping the CMDB updated isn’t an insurmountable challenge for smaller organisations with a few hundred IT assets or when IT systems don’t change frequently. It may not be a top priority for organisations that only use the CMDB for asset management, either.
But the CMDB’s correctness is vital for organisations that want to integrate the CMDB with other ITSM processes, such as incident management or change management. It’s also critical for large enterprises with multiple or geographically dispersed data centres with tens of thousands of CIs.
If your infrastructure is entirely automated, then devops teams can automate DDM with tools like Chef’s integration with ServiceNow or Ansible-CMDB. But for many organisations running hybrid clouds, multiclouds, or using multiple devops automation tools, a do-it-yourself approach to maintaining the CMDB may not be an option.
DDM tools are the data integration platforms for CMDBs. These tools may be a feature of a CMDB or separate capabilities from secondary providers, such as Autointelli, FireScope, Resolve, or ScienceLogic. The more advanced tools are agentless and can scan networks without installing software on the servers or virtual hosts. A differentiating feature is when the DDM also captures the dependencies between system components and provides topology maps to illustrate them.
Read more on the next page...
How agentless DDM improves the CMDB’s effectiveness
Here’s how an agentless auto-discovery and dependency-mapping capability works. The DDM:
- Requires no installations of services or applications on the hosts that it scans
- Scans IT infrastructure for system configuration and application information
- Operates on infrastructure in public and private clouds
- Tracks the flows between systems to capture dependencies
- Runs on a schedule or is triggered by change management workflows
- Enables IT ops to review changes
- Feeds the CMDB with the latest information
- Provides topology maps to visualise flows and dependencies
One important aspect of using DDM is scheduling how frequently to run discovery jobs, scan the infrastructure, and detect changes. Because many services, applications, and databases run on elastic cloud architectures, actively running DDM ensures that the CMDB has accurate, updated information.
IT may also want to trigger DDM in devops automations such as CI/CD pipelines or IaC scripts, or during other IT automation. This option may only work if DDM’s configuration allows running it on the network segments impacted by the changes.
DDM-backed CMDBs are critical for improving ITSM
Integrating an accurate CMDB with ITSM process can help simplify operations and drive improvements in key performance indicators.
Consider change management, the set of controls IT puts in place to track production changes and comply with regulatory requirements. Organisations sometimes have complex forms to fill out to promote a change order and may require presenting them to a change advisory board to review and address risks. IT can simplify the change order forms to reference entities in the CMDB rather than asking people to key them into fields. When the CMDB maps IT systems to business services, approved change orders can trigger communications to impacted end-users.
Incident management teams also have the opportunity to reduce the mean time to resolution when incidents are directly related to CMDB CIs. The direct relationship can help trigger automations to recover from failures or help incident managers identify the correct standard operating procedures in run books.
Analysts can leverage the relationship between CIs and incidents, change orders, and requests to identify trends or prioritise operational improvements. For example, an analyst might seek CIs related to the most frequent incidents or the ones that caused the most significant business impacts.
DDM enables faster, safer IT changes
During the past decade, IT departments have been under pressure to do more with less, support more frequent changes, and ensure higher systems reliability. But speed and efficiency shouldn’t drive reckless behaviour or leave behind poorly documented systems for the next teams to support.
IT leaders have been accustomed to not being able to accurately track IT systems and configurations. Historically, the costs and complexities to maintain a CMDB overshadowed the operational needs and benefits. DDM-powered CMDBs should address this gap and be essential for IT organisations seeking multicloud architectures, automating infrastructure changes, or deploying frequent application changes.