Auto Discovery based Policy, Audit & Compliance project
Customer: A diversified insurance company
Industry: Insurance
Size: 9,000+ employees
Task: Implementation and configuration of infrastructure discovery, application mapping, and change impact analysis across multiple disparate environments
Duration of the project: 16 weeks
Why choose ConfigureTek?
ConfigureTek is focused on helping customers achieve full benefit from the proper implementation of their CMDB, Discovery, Mapping, Service Management and Asset Management solutions. Our methodologies/best practices are developed so that our customers achieve maximum business value in the shortest time frames across these critical IT functions. We have worked with hundreds of companies over the past 5 years and our abilities to work with solutions from multiple software vendors (ServiceNow, HPE, VMware, etc.) makes us unique in our ability to deliver on customer expectations.
Project Overview
Infrastructure discovery and application mapping has helped the configuration management team of a large insurance company accurately predict impact within their environment. The customer lacked vision of the impact of issues as well as potential impact of changes to their infrastructure. Rapid application mapping was deployed and infrastructure was quickly tied back to the business application that they supported. The customer was able to use this data to create policies to test specific PCI compliance scenario against known infrastructure that was supporting PCI compliant business applications. Discovery data was also leveraged along with policy creation that tested for drift between production and pre-production environments. The project tasks included:
- Installation and configuration of HPE uCMDB, Universal Discovery, Configuration Manager, and Release Control.
- Configured appropriate IP ranges and credentials needed to discover the customers environments.
- Created dynamic application maps within HPE uCMDB using application specific signatures
- Requested and received appropriate sign-off for each business application
- Created specific impact analysis rules to simulate scenarios of interest for the customer
- Setup Release Control risk ratings to calculate accurate risk/impact ratings based upon CI and change data using a third party service desk
- Mentored the client’s team and transferred knowledge
ConfigureTek’s Approach
- Setup and configured auto discovery around client security and operational needs
- Determine a source for business application information and imported into HPE uCMDB
- Distributed application mapping questionnaires to SMEs
- Create unique signatures for each business application being mapped
- Request sign-off from business service SMEs once the map was complete
- Create specific Configuration Management policies to test PCI compliance and provide a list of servers needing remediation
- Tailoring of impact analysis rules to provide data needed to visualize outage impact
- Setup of risk and impact rule definitions within Release Control to provide CAB with accurate impact information
- Provide mentoring and training
Business Results
- Avoided costly fines from failing audits
- Built out trusted source for business service to infrastructure relationships which fed many groups and internal processes with necessary information needed to run them effectively
- Leveraging data to help improve change rating accuracy and reduce outages due to improperly classified change records
- Change history tracking being used to correlate changes to application