On behalf of Tanium, I’m happy to announce the launch of our newest product module, Tanium Map.
The essence of today’s technology-driven businesses are the applications that make employees productive and facilitate customer engagement. When those applications stop, business stops. Too often, however, application outages result when the dependencies between applications, infrastructure and the endpoints that connect to them are not properly understood. With Tanium Map, organizations can further leverage the Tanium platform to gain visibility and insight into relationships and interdependencies at the business application, process and network level.
Say goodbye to out-of-date dependency maps.
Across both security and operations use cases, customers consistently mention Application Dependency Mapping (ADM) as a top need. With accurate maps, IT and infrastructure owners would have the ability to prevent accidental application outages by avoiding changes that cause unanticipated issues. Dependency maps would also help perform root cause analysis on ongoing application issues by identifying the underlying components that comprise these applications and investigate how those components have changed. Lastly, dependency maps can help teams make efficient and confident decisions around how to build out their application infrastructure by understanding the role that each device plays in their application ecosystem as well as the level of application utilization over time.
Unfortunately, most companies today are reliant on either (or both) manual processes and network scanning tools. Manual processes generate application maps that are almost instantly out-of-date and obsolete. Network scanning tools require maintaining and updating thousands of admin credentials and broad gaps in coverage. On top of this, they place a significant burden on corporate networks and require substantial infrastructure investment.
Tanium Map leverages the same agent that powers Tanium Core and our other modules. Using a lightweight recorder, endpoints capture every network connection along with the associated process, port, timestamp and other relevant metadata. Each connection is mapped to the library of applications that Tanium is aware of, either through our pre-built content, analysis of historical network activity, or custom applications discovered by Tanium Map and managed by customers. Most importantly, Map provides this level of visibility across Windows, Mac, or Linux system in an environment – laptops, workstations and servers alike.
Tanium Map can be leveraged by security teams as well with respect to micro-segmentation and compliance. Tanium Map can help define and validate system security boundaries, and allow security engineers to define more restrictive network access controls while still permitting legitimate traffic. These security boundaries can be continuously monitored and updated while being used to demonstrate compliance over time. The dependency maps created can ultimately evaluate whether applications are segmented from one another other to prevent unwanted lateral movement.
The end result is precise, rich and comprehensive application dependency maps that show, from a database server to end-users and clients, how devices communicate in the corporate network and which applications these communications make up.
Introducing Tanium Map
Quickly and efficiently map an application’s dependencies:
- Precisely understand the scope of application dependencies where application issue root causes may lie.
- Identify the clients and end-users who are likely to be impacted by application issues.
- Narrow the map to long-running connections that may be responsible for application issues.
- Verify that applications have the desired infrastructure redundancy and capacity.
Deep inspection of the role endpoints play in the application environment:
- Point to an endpoint(s) and understand the defined applications, unclassified traffic, and downstream machines that could be impacted if that endpoint has issues or is changed (e.g. outages, maintenance, migration, M&A).
- Create maps for specific time frames to correlate changes over time with application issues.
Reducing unnecessary infrastructure and applications by:
- Identify how and where infrastructure is being used.
- Show the user load for each application over time, helping to identify wasteful infrastructure and unused applications.
Validate network segmentation and isolation for critical systems:
- Evaluate whether applications are segmented from each other.
- Allow security engineers to define more restrictive network access controls while still ensuring legitimate traffic is permitted.
- Understand and validate security boundaries, demonstrating compliance through them over time.
Next-level visibility to make the business more resilient
With rising costs and frequency of technology-related business disruptions, we believe that improving resilience should be a CIO’s top priority. Disruptions, like those associated with application outages, are costly – Gartner estimates that it costs companies an average of $300,000 per hour of downtime.1 Of course, many outages are much worse. Business Resilience Management (BRM) is the practice to ensure that the technology running the business can adapt to disruption while safeguarding assets. The result of implementing BRM is to ultimately reduce the frequency of disruptions and when disruptions do inevitably occur, dramatically reduce the lag time between disruption and recovery.
Shared visibility between operations and security teams is at the heart of BRM. With Tanium Map, we provide a level of shared visibility into application dependencies that will enable these teams to have complete context both before and during a disruptive event. In many cases, Tanium Map removes yet another point solution that only fragmented visibility and brought with it infrastructure overhead and complexity. Or even worse, a manual process that is immediately out of date.
To say the least, we’re excited about Tanium Map. Application dependency mapping is a primary issue for most organizations and is core to making business more resilient. Combined with the foundational visibility and control provided by Tanium and the other product modules in the portfolio, security and operations teams reduce the frequency of disruption and dramatically reduce the lag time between disruption and recovery.
About the Author:Rahul Jaswa is Operations and Compliance Products, Head of Growth & Chief of Staff