Map makes for better application visibility

New capabilities with Tanium Map help teams reduce technology-based business disruption and enable more informed decision making during security or operations events.

  • Thursday, 6th September 2018 Posted 6 years ago in by Phil Alsop
Tanium has introduced significant advancements to its ground-breaking product portfolio with the launch of Tanium Map. With the increasing complexity of enterprise application infrastructures and volume of new cyber threats, the risk that most organizations will face a technology-induced business disruption is high. In fact, the potential cost of a single disruption is estimated at over $300,000 per hour1.

 

As organizations continue to innovate with technology, it’s crucial they understand the application dependencies that underpin customer transactions or business processes. Tanium Map helps businesses increase resilience by visually charting critical business applications, the endpoints that connect to them, and the infrastructure they depend on. Built atop the Tanium platform, Tanium Map can provide both current and historical insight into these relationships using the speed and reliability of the Tanium architecture.

 

One of the critical issues with managing resilience is understanding how changes might impact business applications. Often, it’s the unintended change or poor understanding of downstream impacts to the environment that leads to a self-inflicted outage. Many organizations have thousands or even hundreds of thousands of applications and infrastructure that might be spread between on-premises, remote locations, and cloud environments. This means the task of managing dependencies has become nearly impossible for most organizations with legacy technologies or manual approaches, which is exactly why we developed Tanium Map.

 

“In far too many enterprise environments, cumbersome change management processes hinder the pace of critical operational and security work,” explained Ryan Kazanciyan, Chief Product Officer at Tanium. “Simple tasks like planning for a patch or responding to an outage often take orders of magnitude more time than they should. We often see practitioners struggle to assemble fragmented dependency data from dozens of systems of record, or even resort to more drastic measures like the ‘scream test’."

 

“Tanium Map plays a crucial role in addressing the root of these challenges. When equipped with an enterprise-wide perspective of the relationships between endpoints, processes, network activity, and the business applications they support, IT and security teams can efficiently plan for change, reduce the likelihood of disruption, and rapidly respond to unexpected incidents. Tanium Map delivers both current and historical insight into these interactions and dependencies across clients and servers alike,” added Kazanciyan.

 

Tanium Map’s approach to application dependency mapping also offers valuable capabilities for security teams. Tanium Map can help define and validate system security boundaries, helping to ensure that network access controls are as restrictive as needed while still permitting legitimate traffic. Security engineers can monitor and refine these boundaries over time, and demonstrate compliance with regulatory requirements or detect unwanted activity. During breach investigations, Tanium Map can also help investigators analyze lateral movement and assess whether intruders had access to systems that make up - or interface with - critical business applications. By operating from the same “source of truth”, security and operations teams can more effectively collaborate to address and resolve incidents.

 

“Map provides a precise and near comprehensive picture of the relationships between our customer's applications and the devices that underpin them,” said Matt Ellard, EMEA Managing Director at Tanium. “Application dependency mapping has been one of the most in-demand capabilities in recent times, addressing the struggles that organizations have traditionally faced with understanding their application environment. After all, organizations can’t protect what they don’t know exists and so IT teams must be empowered to work more efficiently with a real-time understanding of how their infrastructure is changing. Map represents a significant leap forward, allowing customers to chart end-to-end application relationships from server to end-user, rather than rely on a range of fragmented or manual solutions.”

 

“Tanium Map represents the next step in our mission to help businesses become more resilient,” said Matt Ellard, EMEA Managing Director at Tanium. “This launch extends our platform for Business Resilience Management across security, operations, and risk use cases. We believe Map will dramatically improve an organisation’s ability to plan for and react to change, gain visibility, and ultimately improve resiliency in the application environment.”

 

Features and capabilities of Tanium Map include:

 

  • Quickly and efficiently map an application’s dependencies:
    • Understand the scope of application dependencies where the root causes of application issues may lie.
    • Identify the clients and end-users who are likely to be impacted by application issues.
    • Narrow the map to long-running connections that may be responsible for application issues.
    • Quickly determine whether applications have the desired infrastructure redundancy and capacity.
  • Deep inspection of the role endpoints play in the application environment:
    • Point to an endpoint(s) and understand the defined applications, unclassified traffic, and downstream machines that could be impacted if that endpoint has issues or is changed (e.g. outages, maintenance, migration, M&A).
    • Create maps for specific time frames to correlate changes over time with application issues.
  • Reducing unnecessary infrastructure and applications:
    • Identify how and where infrastructure is being used.
    • Show the user load for each application over time, helping to identify wasteful infrastructure and unused applications.

 

Validate network segmentation and isolation for critical systems:
  • Evaluate whether applications are segmented from each other.
  • Allow security engineers to define more restrictive network access controls while still ensuring legitimate traffic is permitted.
  • Understand and validate security boundaries, demonstrating compliance through them over time.