Discovery and InventoryI cannot stress enough the importance of scanning your network to baseline what you have. You would be amazed at what a discovery scan often turns up. Test systems connected to the production network, systems with accounts that have not been changed for months (or often years - if at all), stale privileged accounts that have not been logged onto in forever... the list goes on and on. It's a jungle out there - you'd be amazed and scared at what you will find. So now you've done the first scan. You've scared yourself, your team, your boss, and your boss’ boss. What's next? Now, you have to make things right by applying your security policies to the accounts you’ve discovered. You could print out a copy of everything the scanning tool finds then create an inventory manually, but this could be a job that takes forever. And never ends. And just like painting a really long bridge, once you finish you have to start all over again.
Get the Right Tool for the JobPowerBroker Password Safe not only has a scan engine that is world class, but it has the power to rapidly correct issues by using automation, and then keep it that way: scan, fix, repeat. The scan engine picks up user account information such as privilege, password age, date logged on, expired, and group membership. In addition, it picks up a lot of data about the host itself:
- Hardware - network cards, CPU, memory, drives, etc.
- Ports - any ports that were open together with services using them
- Processes - processes that were running at the time of the scan
- Services - all services with dependencies and logon account
- Shares - network shares open
- Software - all installed software together with the versions