Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

The article covers sample POC use сases.

CMDB

  1. Discover CSP* assets using API.

  2. Create a workflow to take action, e.g. Slack notification when asset meets required criteria such as missing tag.   

  3. Create convenient list views to show publicly accessible resources, e.g. S3 Buckets.

  4. Create a custom field on a CSP asset to denote customer-specific attributes, e.g. customer's Cost Center. 

  5. Propagate a custom field, e.g. Department from CSP Account object to every other asset under that account.

  6. Associate all CSP assets with asset resource groups based on asset name/tag values. 

  7. Create a custom object, e.g. customer's Cluster, and associate all assets with it based on name/tag values. 

  8. Demonstrate ability to show details about assets that have been terminated over a certain period of time, e.g. over 24 hours ago.

  9. Demonstrate ability to create dependency maps between assets.

  10. Demonstrate ability to create tickets in other issue management systems, e.g. Jira, once an asset meets required criteria, such as the CSP limit reaches 90%.

  11. Demonstrate CMDB integration with cloud monitoring services by showing CPU, Disk, and Network activity for every asset in CMDB.

  12. Demonstrate ability to discover and import operating system level data into CMDB, such as running services, users and installed software.

  13. Create CSP assets count trending report.

  14. Create a dashboard to show how much infrastructure is deployed across different CSP regions/locations.

  15. Demonstrate ability to show customer’s tagging coverage across different CSP assets.

  16. Demonstrate ability to tag the customer’s assets from Cloudaware UI.

  17. Create reports that break down assets based on customer tags.

  18. Build and schedule reports to show the asset's missing tags.

*Cloud Service Provider, e.g. AWS, Azure, GCP, Heroku, etc.

Change Management

  1. Create an approval process when a CSP asset meets required criteria, such as a new User without MFA.

  2. Show the timeline of changes for CSP assets.

Cost Management

  1. Show the cost of individual CSP assets.

  2. Show the cost of applications and resource groups.

  3. Create a dashboard that allows users to explore cost by CSP standard and custom attributes, e.g. product, service, application tag, and department tag.

  4. Show all expenditures that are not associated with any application.

  5. Demonstrate ability to optimize cost, e.g. using rightsizing and policies that look for idling and underutilized resources.

  6. Show optimal reservations based on current instances.

  7. Demonstrate ability to forecast spending for 1, 3, and 6 months out.

  8. Create a workflow to take an actio, e.g. Email alert when asset cost exceeds certain limit e.g. MTD spend reached 75% of last month spend.

Security

  1. Demonstrate ability to identify deviations from CSP security best practices, such as Public S3 Buckets or User without MFA.

  2. Demonstrate ability to deploy vulnerability scanning agent, e.g. Nessus, and perform scans.

  3. Show what patches are missing, pending and have been installed on any Linux or Windows host.

  4. Deploy host-based intrusion detection agents onto a host.

  5. Show most vulnerable hosts based on vulnerability scan results, missing patching, exposed ports and running software. 

  6. Create a workflow to send out Email/SNS/Slack notification when a non-standard port is open to the internet.

Compliance  Engine

  1. Demonstrate Templates Library and ability to deploy compliance policies from built-in policy templates.

  2. Demonstrate Policy List to overview all deployed policies.

  3. Show how the results of the policy can be understood.

  4. Demonstrate the ability to clone and edit a policy in Policy Editor, or create a new custom policy from scratch.

  5. Create a report to show Compliance Engine Policy Violations. 

  6. Create a workflow to send out Email/Jira/Slack notifications when a new compliance policy violation is detected.

  7. Demonstrate ability to deploy CIS Benchmarks.

  8. Show how the policy results should be treated (tabs 'Related Objects' and 'Statistic History').

  9. Create CIS Benchmarks dashboard to view compliance by different attributes (cloud account, policy type and name, lifetime interval of incompliances, historical trend).

  10. Create a workflow to send out Email/Jira/Slack notifications when a new incompliant benchmark check is found.

Monitoring

  1. Demonstrate integration with monitoring tools (New Relic, AppDynamics, Datadog, Zabbix, Pingdom, SolarWinds, Sensu, Nagios):

    1. Shows monitored assets.

    2. Retrieve monitoring telemetry.

    3. Map incidents to assets.

    4. Show assets with the highest number of incidents. 

  2. Display the ability to group incidents into cases based on certain criteria, e.g. Zabbix Condition ID.

  3. Set up SNS/Slack/Email alerts for newly created incidents that meet certain criteria, e.g. high-severity incidents.

Log Management

  1. Demonstrate ability to automatically discover, store, and display different types of logs (cloud and host level).

  2. Show examples of sample queries to search for specific logs.

  3. Demonstrate ability to detect log anomalies.

  4. Demonstrate ability to send alerts based on specific criteria (optional).

Backup and Replication

  1. Demonstrate ability to set up backup policies on AWS EC2, RDS, RDS Clusters, S3 Buckets, and Google Disks.

  2. Demonstrate ability to display backup health on an overview dashboard and CI.

  3. Demonstrate ability to set up a certain backup retention period.

  4. Explain how EC2 image replication can be set up using tags.

  5. Create a workflow to send alerts on failed backups.

  • No labels