Tangle Management

Itay Weiss
Axonius
Mar 26, 2018
Tangled Wires — via Cory Doctorow on Flickr

I’ve been reading my colleague’s great post about why we love complex networks. Now that we all have a better understanding of what we mean by complex networks and how complexity can be a positive, I wanted to share what we can do with the information that complex networks bring with them.

Complex networks bring with them a whole lot of data. And of course data is meaningless unless you can extract information and derive truly usable knowledge from it.

http://www.infogineering.net/data-information-knowledge.htm

But deriving actionable information from so much varied data, spread across different locations… ain’t always easy.

How do I recognize that my latest Rapid7 Nexpose scan is referring to the specific ESX machine that’s been giving me trouble lately? How do I find laptops that don’t have our policy enforcement solution installed? And how fast can I realize that a Windows machine has dropped out of the domain (whether by accident or not)?

Untangling Device Data: The Old Way

Until now, we’ve all been answering these questions the same way: we look for identical features. These features might be MAC addresses, static IP addresses or perhaps even hostnames. If you’re anything like me, you probably still remember your most-used machines’ IPs to this day and look for them in all the IT software that your team uses. Some days might even feel like you’ve spent most of the day sifting through lists of IP addresses to find the specific machines that are giving you trouble.

Ten years ago that would have been easy. There weren’t so many machines in your test environment, there weren’t so many special test cases, and there definitely weren’t so many IT management systems. We used to choose one and handle our entire organization with it, whether it was Microsoft Active Directory or something else, and we could just make the entire organization bow down to our convenience and have only Windows machines. I’m feeling nostalgic for those days…

Today, unfortunately, we need to be able to accommodate every possible case. We need to have both Active Directory for Windows machines and Jamf for the Macs. We have machines both on our on-premises VMware ESXi and in our Amazon Web Services cloud. I won’t get into mobile devices, much less IoT.

And with this progress and a heterogeneous device “multi-culture”, we find ourselves with more and more Excel sheets to go through once we finally realize that something might be wrong. And even then, when we finally gather all the information to deal with a problem, it might be too late.

Building a Better Way

What we do here at Axonius is exactly that. We automate this entire process to save everyone the time spent creating, organizing, and going through these lists. Our cybersecurity asset management solution gathers the information from wherever it might be and correlates it to recognize that the machine referenced by multiple IT and security systems is the same one.
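To make the correlation idea concrete, here is an added example (not Axonius code and not part of the original post) that merges records from several inventories when they share a normalized hostname or MAC address, then lists devices that the policy enforcement source has never seen. The record layout, the source name `endpoint_agent` and all sample values are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample records; source names follow the post, values are made up.
RECORDS = [
    {"source": "active_directory", "hostname": "LAP-042.corp.example", "mac": None},
    {"source": "nexpose", "hostname": "lap-042", "mac": "00-1A-2B-3C-4D-5E"},
    {"source": "endpoint_agent", "hostname": None, "mac": "00:1a:2b:3c:4d:5e"},
    {"source": "jamf", "hostname": "mac-007", "mac": "a4:5e:60:aa:bb:cc"},
    {"source": "nexpose", "hostname": "MAC-007.corp.example", "mac": None},
    {"source": "aws", "hostname": "build-01", "mac": "0a:00:27:00:00:01"},
]

def keys(rec):
    """Normalized identifiers: short lowercase hostname, 12-hex-digit MAC."""
    out = set()
    if rec.get("hostname"):
        out.add(("host", rec["hostname"].split(".")[0].lower()))
    if rec.get("mac"):
        mac = re.sub(r"[^0-9a-f]", "", rec["mac"].lower())
        if len(mac) == 12:
            out.add(("mac", mac))
    return out

def correlate(records):
    """Group records sharing any identifier (union-find over record indexes)."""
    parent = list(range(len(records)))
    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]  # path halving
            i = parent[i]
        return i
    seen = {}  # identifier -> index of the first record that carried it
    for i, rec in enumerate(records):
        for k in keys(rec):
            if k in seen:
                parent[find(i)] = find(seen[k])
            else:
                seen[k] = i
    groups = defaultdict(list)
    for i, rec in enumerate(records):
        groups[find(i)].append(rec)
    return list(groups.values())

def missing_source(devices, required):
    """Correlated devices that no record from the `required` source refers to."""
    return [d for d in devices if required not in {r["source"] for r in d}]
```

Matching on hostname or MAC alone can merge distinct machines (cloned VMs, reused hostnames, shared docking-station adapters), so a production correlator needs more identifiers and conflict checks than this.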

So when the need arises you won’t waste your time gathering information, but instead, it is right there: available in one convenient place so you’ll be able to just fix whatever happened. The platform can even help you create automatic triggers for events, so when they happen you’ll immediately know about it and have all the related information right in front of you.

Itay Weiss is the Senior Architect at Axonius. Previously Itay was a Senior Developer at big data startup Iguazio, and a development team leader at IDF’s military intelligence unit 8200.
