Use Case #1 – Lumeta Integration partner reports and action for ticket workflow

  • The first API call, initiated from SNOW to Lumeta, would need to be made to get all available integrations configured on the Lumeta Command Center.
  • The second API call shows the gaps: missing agent (McAfee, Carbon Black), scan needed (Tenable, Qualys, Rapid7), missing IPs (Infoblox, BlueCat).
  • Generate the SNOW incident ticket
  • A single incident lists the devices missing the integration. Example: 30 devices do not have the ePO agent installed.
  • Each third-party integration would have its own incident ticket.
  • The SNOW ticket is marked completed once the security professional has followed the process (a remediation step is completed and the SNOW status is changed).
  • An API call is then sent to Lumeta to kick off a query to the integration server and get an updated list of gaps from the integration server.
  • Update SNOW with the new status

Use Case #2 – CMDB Data

  • Lumeta needs more information on the SNOW CMDB data schema: what is retained in the SNOW database, and in what structure?
  • Lumeta queries SNOW on an interval and pulls CMDB data:
  • Lumeta does a diff and pushes assets that are missing in SNOW to the SNOW Server to be populated in the SNOW CMDB.
  • A configurable Lumeta parameter controls whether assets are pushed as Global or by Zone.
  • Lumeta ingests CMDB data from SNOW as an external source
  • Populates the Lumeta dashboard and allows us to add to our target, eligible list.
  • Enhance profiling inside of Lumeta
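The diff-and-push step of Use Case #2, sketched as an added example (not part of the original page, and not Lumeta or ServiceNow code). The record field names, the sample data and the function names are assumptions for illustration; the real CMDB schema is the open question noted above.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data. Field names ("ip", "zone", "ip_address") are
# assumptions for illustration, not the Lumeta or SNOW schema.
LUMETA_ASSETS = [
    {"ip": "10.0.0.5", "zone": "Zone1"},
    {"ip": "10.0.0.9", "zone": "Zone1"},
    {"ip": "10.0.1.7", "zone": "Zone2"},
    {"ip": "2001:DB8::1", "zone": "Zone2"},
    {"ip": "10.0.0.9", "zone": "Zone1"},     # duplicate discovery record
]
SNOW_CMDB = [
    {"ip_address": "10.0.0.5"},
    {"ip_address": "2001:db8:0:0:0:0:0:1"},  # same host, different spelling
    {"ip_address": ""},                      # CI without an address
]

def _norm(addr):
    """Canonical form of an IP string, or None if it does not parse."""
    try:
        return str(ipaddress.ip_address(addr.strip()))
    except ValueError:
        return None

def missing_in_snow(lumeta_assets, snow_records):
    """Assets Lumeta has discovered that have no CMDB record, de-duplicated."""
    known = {_norm(r.get("ip_address", "")) for r in snow_records}
    known.discard(None)
    missing, seen = [], set()
    for asset in lumeta_assets:
        ip = _norm(asset["ip"])
        if ip is None or ip in known or (ip, asset["zone"]) in seen:
            continue
        seen.add((ip, asset["zone"]))
        missing.append({"ip": ip, "zone": asset["zone"]})
    return missing

def build_pushes(missing, scope="global"):
    """Batch the missing assets for the push: one batch, or one per zone."""
    if scope == "global":
        return {"global": missing} if missing else {}
    if scope != "zone":
        raise ValueError("scope must be 'global' or 'zone'")
    batches = defaultdict(list)
    for asset in missing:
        batches[asset["zone"]].append(asset)
    return dict(batches)
```

Normalizing addresses before comparing keeps differently written IPv6 addresses from showing up as false gaps, and CMDB records with no usable address are ignored rather than matched.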