DRAFT: BSA Use Case-oriented Documentation

Version 1
    Share:|

    Ad-hoc taskslive browse
    Ad-hoc tasksstart/stop services
    Ad-hoc tasksview file / config object
    Ad-hoc tasksedit file
    Ad-hoc taskstail –f logfile
    Ad-hoc tasksad-hoc remote shell access (NSH)
    Ad-hoc tasks… through a common entry point (NSH Proxy)
    Ad-hoc tasks… w/ keystroke logging
    Ad-hoc tasks… remote diff
    Ad-hoc tasks… remote inventory (nover, etc.)
    File Sync (FDJ)Agent Upgrade Jobs
    File Sync (FDJ)Compare two remote directories (web server content is the most common example, but home-brewed scripts works too)
    File Sync (FDJ)Sync two remote directories
    File Sync (FDJ)… using size, timestamp, md5 checksum, repeaters
    File Sync (FDJ)Report on directory sync
    Script Automationpush script to remote filesystem
    Script Automationsync scripts from common repository
    Script Automationexecute an external script,
    Script Automationexecute an internal script (NSH Script Jobs),
    Script Automationmaintain scripts in BSA
    Inventorylive browse 1 server,
    Inventorycompare configs across 2 or more servers,
    Inventorysnapshot all servers & report,
    Inventorydiscover & inventory in-house applications
    Inventorydiscover & inventory third party applications
    InventoryVirtualization Inventories
    · Patching (* 5 major platforms: Windows, Linux, AIX, Solaris, HPUX)):
    Patchinglive browse patches 1 server,
    Patchingdeploy 1 patch,
    Patchingdeploy a patch bundle,
    Patchingcompare patches between two servers,
    PatchingDownload metadata from a vendor
    PatchingDownload patch payloads from a vendor
    PatchingCreate a catalog from metadata
    · Define a policy (Patch Smart Group + include/exclude/security tools)
    Define a Policyaudit patches to a standard (policy),
    Define a Policypackage patches & deploy,
    Define a Policyaudit->package->deploy,
    Define a Policymaintain servers ongoing to a patch standard
    · Build Compliance
    Build ComplianceLive browse configs 1 server
    Build ComplianceCompare configs between 2 or more servers (live audit)
    Build ComplianceDefine a basic build standard (snapshot)
    Build ComplianceAudit servers to a build standard (gold server image snapshot)
    Build ComplianceRemediate configs from live audit
    Build ComplianceRemediate configs from build standard
    Build ComplianceDefine rules-based build standard (Compliance Policy)
    Build ComplianceAudit servers to rules-based build standard
    Build ComplianceDefine remediation packages, add to rules-based build standard
    Build ComplianceRemediate out-of-compliance servers to policy
    Build Compliance… with Change Approvals
    Build Compliance… fully automated
    · Regulatory / Security Compliance
    Regulatory / Security ComplianceLive browse configs 1 server
    Regulatory / Security ComplianceCompare configs between 2 or more servers (live audit)
    Regulatory / Security ComplianceDefine a basic build standard (snapshot)
    Regulatory / Security ComplianceAudit servers to a build standard (gold server image snapshot)
    Regulatory / Security ComplianceRemediate configs from live audit
    Regulatory / Security ComplianceRemediate configs from build standard
    Regulatory / Security ComplianceDefine rules-based build standard (Compliance Policy)
    Regulatory / Security ComplianceImport OOTB standard Compliance Content (w/ remediations)
    Regulatory / Security ComplianceAudit servers to rules-based build standard
    Regulatory / Security ComplianceDefine remediation packages, add to rules-based build standard
    Regulatory / Security ComplianceRemediate out-of-compliance servers to policy
    Regulatory / Security Compliance… with Change Approvals
    Regulatory / Security Compliance… fully automated
    · Software Deployment / Delivery
    Software Deployment / DeliveryLive browse installed applications list
    Software Deployment / DeliveryAudit installed applications between servers
    Software Deployment / DeliveryCopy application payloads
    Software Deployment / DeliveryPackage custom software (custom software object)
    Software Deployment / DeliveryDeploy custom software
    Software Deployment / DeliveryRollback custom software
    Software Deployment / DeliveryDefine software deploy/install process (BLPackage)
    Software Deployment / DeliveryExecute software deploy process (bldeploy job)
    Software Deployment / DeliveryRollback software deploy process
    Software Deployment / DeliveryDefine software deployment policy (compliance-based software deploy on a template with remediation for use in build process)
    · Provisioning
    Virtualization
    Provisioning - Virtualization§  VMware: live browse configurations
    Provisioning - Virtualization§  VMware: inventory guest-host relationships
    Provisioning - Virtualization§  VMware: start/stop guest
    Provisioning - Virtualization§  VMware: Deploy blank VM and power on (for bare metal)
    Provisioning - Virtualization§  VMware: Deploy Windows Template
    Provisioning - Virtualization§  VMware: Deploy Windows Template and customize
    Provisioning - Virtualization§  VMware: Deploy Linux Template
    Provisioning - Virtualization§  VMware: Deploy Linux Template and customize
    Provisioning - Virtualization§  Solaris: inventory guests
    Provisioning - Virtualization§  Solaris: report on guests
    Provisioning - Virtualization§  Solaris: create zone
    Provisioning - Virtualization§  Solaris: destroy zone
    Provisioning - Virtualization§  Solaris: start/stop zone
    Provisioning - Virtualization§  AIX/lpar: inventory guests
    Provisioning - Virtualization§  AIX/lpar: inventory VIO configurations
    Provisioning - Virtualization§  AIX/lpar: stop/start
    Provisioning - Virtualization§  AIX/lpar: create guest (rarely used?)
    Provisioning - Virtualization§  AIX/lpar: destroy guest
    Provisioning - Virtualization§  AIX/lpar: provision guest (AIX bare metal)
    Provisioning - Virtualization§  HP/UX Ignite: some of these, not sure what we do here
    Bare Metal
    Provisioning - Bare Metal§  Windows 2003 from install media
    Provisioning - Bare Metal§  Windows 2008 & 2008 R2 from install media
    Provisioning - Bare Metal§  Image-based Windows
    Provisioning - Bare Metal§  Linux: from install media (http)
    Provisioning - Bare Metal§  Solaris: from install media
    Provisioning - Bare Metal§  Solaris: from image (flash archive / flar)
    Provisioning - Bare Metal§  AIX: from install media (bos)
    Provisioning - Bare Metal§  AIX: from image (mksysb)
    Provisioning - Bare Metal§  AIX: from SPOT (?)
    · App Release Automation
    App Release AutomationLive browse application configurations
    App Release AutomationDefine app config file
    App Release AutomationAd-hoc package config entries & deploy
    App Release AutomationCompare config entries (live)
    App Release AutomationDefine config standard (snapshot)
    App Release AutomationAudit to config standard
    App Release AutomationModel application (Component Template)
    App Release AutomationParameterize application models (start with install path)
    App Release AutomationDiscover application
    App Release AutomationLive browse application components
    App Release AutomationRestrict/grant application access (via component)
    App Release AutomationPackage app content
    App Release AutomationPromote app content between roles (via applied acl template)
    App Release AutomationDeploy app content
    App Release AutomationRoll back app content
    App Release AutomationAudit app content between deployed components
    · Reporting
    ReportingDashboard by use case
    ReportingDetailed by use case (covers a lot of the ground above, but at least one for each major functional area)
    ReportingInventory
    ReportingTrend
    ReportingKPIs: how many servers provisioned per week by platform, aggregate patch, security compliance by platform, etc.
    Utility
    UtilityDo all of above from CLI, REST API….

     

     

    Audit is a one (master) to many direct comparison. The only remediation is to make it look like the master. Example, does this directory and files match the master? If not, sync it so it's the same.

     

    Compliance allows logic and conditional rules, with custom remediation. Example, is X software installed, is the service running, is it set to Automatically run at start up, does this registry key exist and equal this value, and does this entry exist in this configuration file? If not, run this custom package that installs the software, starts the service, creates the registry key and inserts a value into a configuration file. And many more. Very powerful feature of our product.