AleFIT Horizon

The list of all devices connected to the corporate infrastructure - the so-called ASSET - is very important, and not only for SIEM purposes. Building this ASSET is a very complex task, but keeping it up to date is more complex still. The AleFIT Horizon application was created to help keep the ASSET up to date.

Product description

The information stored in ASSET can be used to evaluate and decide on the next course of action when dealing with outages or security incidents. Building ASSET and keeping this database up to date is therefore critical for all companies.

However, we very often find that customers' device lists in the CMDB are not as current as they need to be, and some customers have no processes in place to ensure that ASSET is up to date. We have therefore decided to help customers keep the ASSET database as up to date as possible, without the need to manually research and verify the actual status of each individual device.

The solution is built on top of Splunk Enterprise. It is therefore ideal if the customer already runs an instance of Splunk for IT Monitoring, LogManagement or SIEM needs. If a customer is not running Splunk yet, that is not a problem: an instance can be built with minimal HW requirements to ensure the operation of the AleFIT Horizon application.

The solution is based on "passive" data collection from selected network devices. It can combine and merge logs from various devices to create a dynamic ASSET. If necessary, a network scanner can be added as an additional input, but it is then just one more piece in the ASSET composition.

The offered solution does not replace device management in the CMDB. It complements it and provides a detailed, real-time view of the current communication over the data network. The actual device management should be provided in the CMDB system. It is therefore a good idea to integrate with the CMDB, so that the current status can be compared with the status stored in the CMDB and requests to update entries can be generated.


Features

  • Passive solution based on log collection
  • Integration with CMDB
  • Connection to processes that update CMDB records
  • The output can be used immediately in Splunk (LogManagement, IT Monitoring, SIEM)
  • Historical snapshots to assist in analysis (past status can be viewed)
  • User-to-device binding is also generated (information about who was logged in on a particular device at a given time)


Benefits

  • Ensuring an up-to-date CMDB
  • Saving history over time
  • Speeding up work for IT Operation and Security Operation

Why Alef?

  • Strong technical team specialising in remote collaboration
  • Unique know-how in the areas of solution design, implementation and subsequent management
  • Dozens of satisfied customers