In this first phase of implementation, the integration is focused on SNOW pulling network data from Lumeta. In use case #1, Lumeta highlights the gaps for our integration partner. 

Use Case #1 – Lumeta Integration partner reports and action for ticket workflow

  1. SNOW initiates the first API call to Lumeta requesting a list of all third-party integrations configured on the Lumeta Command Center and the connection status of each. 
  2. SNOW initiates a second API call to Lumeta to see the gaps. What does Lumeta know that SNOW doesn't?
    1. Did Lumeta identify a device lacking an agent such as McAfee or Carbon Black?
    2. Did Lumeta find a device that SNOW hasn't scanned (Tenable, Qualys, Rapid7)?
    3. Did Lumeta discover a CIDR or IP that SNOW isn't aware of (Infoblox, BlueCat)?
  3. SNOW generates an incident ticket: one incident ticket per third-party vendor (e.g., McAfee), containing individual records for each finding (e.g., one row for each of the 30 devices lacking the ePO agent).
  4. SNOW security professional remediates the issue and marks the ticket as "completed."
  5. SNOW initiates a third API call to Lumeta to get an updated list of gaps.
  6. Lumeta compares the current issue status to the expected issue status to validate that the issues SNOW reports as fixed are demonstrably fixed.
  7. Lumeta updates SNOW with the new status.
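
The ticketing and validation logic of steps 3 through 7, as an added example (not Lumeta or ServiceNow code). The record fields, the verdict names, the "open" state, and the function names are assumptions, and the sample findings are constructed.

```python
from collections import defaultdict

# Constructed gap findings; field names are assumptions, not Lumeta's schema.
GAPS_BEFORE = [
    {"vendor": "McAfee", "ip": "10.1.4.20", "gap": "missing agent"},
    {"vendor": "McAfee", "ip": "10.1.4.21", "gap": "missing agent"},
    {"vendor": "Tenable", "ip": "10.2.0.7", "gap": "not scanned"},
    {"vendor": "Infoblox", "ip": "172.16.9.0/24", "gap": "unknown CIDR"},
]
# Constructed result of the third call: one McAfee device is still uncovered.
GAPS_AFTER = [
    {"vendor": "McAfee", "ip": "10.1.4.21", "gap": "missing agent"},
    {"vendor": "Infoblox", "ip": "172.16.9.0/24", "gap": "unknown CIDR"},
]

def finding_key(f):
    """Identity of a finding across successive gap reports."""
    return (f["vendor"], f["ip"], f["gap"])

def build_tickets(gaps):
    """Step 3: one ticket per vendor, one row per finding."""
    rows = defaultdict(list)
    for f in gaps:
        rows[f["vendor"]].append(f)
    return {v: {"vendor": v, "state": "open", "rows": r} for v, r in rows.items()}

def validate(tickets, current_gaps):
    """Steps 5-7: compare each ticket's expected status with the fresh gap list."""
    still_seen = {finding_key(f) for f in current_gaps}
    status = {}
    for vendor, t in tickets.items():
        unresolved = [r["ip"] for r in t["rows"] if finding_key(r) in still_seen]
        if t["state"] == "completed" and unresolved:
            verdict = "reopen"            # marked fixed, gap still observed
        elif t["state"] == "completed":
            verdict = "verified"          # marked fixed, gap no longer observed
        elif not unresolved:
            verdict = "resolved-untracked"  # gap gone, ticket never closed
        else:
            verdict = "pending"
        status[vendor] = {"verdict": verdict, "unresolved": unresolved}
    return status
```

A "reopen" verdict is the case step 6 exists to catch: the ticket was closed in SNOW, but the same finding still appears in Lumeta's current view.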

Use Case #2 – CMDB Data

  • Lumeta needs more information on the SNOW CMDB data schema. What is retained in the SNOW database, and in what structure?
  • Lumeta queries SNOW on an interval and pulls CMDB data:
  • Lumeta does a diff and pushes assets that are missing in SNOW to the SNOW Server to be populated in the SNOW CMDB.
  • Lumeta has a configurable parameter to push assets as Global or by Zone.
  • Lumeta ingests CMDB data from SNOW as an external source
  • Populates the Lumeta dashboard and allows us to add to our target, eligible list.
  • Enhance profiling inside of Lumeta