1 / 22

June 2018

June 2018. ILMT/BigFix Inventory Demo. Malgorzata Jablonska Tomasz Stopa. 201 8 - 06 - 21. BigFix Inventory/ILMT Development. Agenda. IBM License Metric Tool & IBM BigFix Inventory Fully automated scanning of software installed on shared disks – 10 min

lbaldwin
Download Presentation

June 2018

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. June 2018 ILMT/BigFix Inventory Demo Malgorzata Jablonska Tomasz Stopa 2018-06-21 BigFix Inventory/ILMT Development

  2. Agenda IBM License Metric Tool & IBM BigFix Inventory • Fully automated scanning of software installed on shared disks – 10 min • Summary report in the audit snapshot – 5 min IBM BigFix Inventory • Security scenarios 3.1 CPE (Common Platform Enumeration format) available for the discovered software – 5 min 3.2 Initial integration with National Vulnerability Database – 10 min • Software Asset Management scenarios 4.1 Reporting of SAP license usage with SLAW 2.0 tool – 5 min 4.2 Future planning: Microsoft reporting - looking for partnership – 10 min IBM License Metric Tool & IBM BigFix Inventory • What's new in the latest release

  3. Hosted Beta Environment

  4. Part 1 Fully automated scanning of software installed on shared disks

  5. How Bernie, the Software Asset Manager,can automate scanning of the infrastructure containing shared disks Bernie’s tasks: Bernie needs to generate PVU subcapacity report for his organization. He knows that NFS file systems are used in the environment, but he does not know any details. He wants to make sure that his report is complete and covers software deployed on shared disks. Solution:Bernie enables automated scanning of shared disks and gets the complete report.

  6. Part 2 Summary report in the audit snapshot

  7. How Bernie, the Software Asset Manager,and his stakeholders can easily understand the content of audit snapshots Bernie’s tasks: Bernie stores historical software license reports as audit snapshots. He needs to assure that higher management in his organization is able to easily understand the content of these reports. Solution:Now, an audit snapshot contains a summary CSV file representing high level summary.

  8. Part 3.1 – Security scenarios CPE (Common Platform Enumeration) available for the discovered software

  9. How Raphael, the Security Operation Center Analyst, can extract CPE information for discovered software for comparison with information in other systems Raphael’s tasks: Raphael investigates an incident related to specific computer and software discovered on this computer. He would like to find out where Firefox software is installed, and then check the related vulnerabilities in National Vulnerability Database. Solution: Raphael works with the Software Classification report to find computers and software instances for the specific software. He runs REST API request to extract CPE information used for integration with National Vulnerability Database.

  10. How Raphael can get the CPE information using REST API? https://inventory-demo.bigfix.com/api/sam/v2/software_instances? columns[]=component_cpe.cpe23 &columns[]=component_cpe.cpe22 &columns[]=component_name &columns[]=component_detailed_version &columns[]=computer_name &criteria={"and":[["component_name", "contains", "firefox"]]}

  11. Part 3.2 – Security scenarios Initial integration with National Vulnerability Database

  12. How Raphael, the Security Operation Analyst, can quickly check vulnerability risk for specific software components Raphael’s tasks: Raphael continues his investigation. He would like to quickly understand what vulnerabilities, if any, are related to specific software directly in BigFix Inventory without the need to search National Vulnerability Database. Solution: Raphael filters the Software Componentsreport and checks Vulnerability Risk (Preview) column for vulnerability information. Optionally, Raphael may go to National Vulnerability Database to get vulnerability details for further analysis.

  13. What Raphael can get from the Software Components report?

  14. Part 4.1 – Software Asset Management scenarios Reporting of SAP license usage withSLAW 2.0 tool

  15. How Bernie, the Software Asset Manager, can include SAP license information from SLAW 2.0 tool in BFI reports Bernie’s tasks: In Bernie’s organization, SAP licenses are tracked using License Administration Workbench (LAW) 2.0 tool. Bernie would like to have this data included in BFI for centralized reporting of all license types. Solution: Bernie asks Mark, the Inventory Administrator, to setup BFI SAP tool to gather data from SLAW 2.0. Next, Bernie can review SAP license usage directly in BFI.

  16. How Bernie, the Software Asset Manager, can include SAP license information from SLAW 2.0 tool in BFI reports

  17. Part 4.2 – Software Asset Management scenarios Future planning: Microsoft reporting - looking for partnership

  18. BFI reporting for subscription based licenses for Office 365 • We are working on Office 365 subscription licenses reporting in BigFix Inventory. • While Microsoft Administration Portal delivers most of the license usage information for Office 365, we see many advantages of integrating this data in BigFix Inventory reports. • Understanding what use cases aremost important for you helps us prioritize work and cover your scenarios first. • If you are interested in this feature, answer the followingpoll question. • Impact our decisions and shape the nextBigFix Inventory product capabilities.

  19. Part 5 What's new in the latest release

  20. IBM BigFix Inventory & IBM License Metric Tool app update 9.2.12 The key features include: • Fully automated scanning of software installed on shared disks • Summary report in the audit snapshot • End of Support dates for discovered software • Extended reporting capabilities for hardware information (BigFix Inventory) • Common Vulnerabilities and Exposures (CVE) added to the software catalog (BigFix Inventory) • Discovered software component specified in the Common Platform Enumeration (BigFix Inventory) • Adoption of the Oracle auditing script (ReviewLite) for software discovery

  21. If you would like to learn more about the presented features or to share your feedback or thoughts, let us know at: talk2sam@us.ibm.com

  22. Forum: BigFix Inventory | License Metric Tool Wiki: BigFix Inventory | License Metric Tool Beta Community Twitter: BigFix Inventory | License Metric Tool YouTube: BigFix Inventory | License Metric Tool

More Related