Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Asset Management

 

Collecting and viewing asset data helps you to identify threats and vulnerabilities. An accurate asset database makes it easier to connect offenses that are triggered in your system to physical or virtual assets in your network.

Note

JSA Log Manager only tracks asset data if JSA Vulnerability Manager is installed. For more information about the differences between JSA and Log Manager, see Capabilities in Your JSA Product.

Asset Data

An asset is any network endpoint that sends or receives data across your network infrastructure. For example, notebooks, servers, virtual machines, and handheld devices are all assets. Every asset in the asset database is assigned a unique identifier so that it can be distinguished from other asset records.

Detecting devices is also useful in building a data set of historical information about the asset. Tracking asset information as it changes helps you monitor asset usage across your network.

Asset Limits

The asset database has a limited capacity. When the asset limit for your hardware is reached, you cannot create any new assets until sufficient space is available in the database. The following table describes the asset limits for each hardware type:

Table 1: Asset Limits for Hardware

Hardware Type

Asset Limit for Console only

Asset Limit for Console with Managed Host

xx05

200,000

600,000

xx24

300,000

700,000

xx28

500,000

1,000,000

xx29

500,000

1,000,000

xx48

500,000

1,000,000

Other hardware

60,000

60,000

Asset Profiles

An asset profile is a collection of all information that JSA collected over time about a specific asset. The profile includes information about the services that are running on the asset and any identity information that is known.

JSA automatically creates asset profiles from identity events and bidirectional flow data or, if they are configured, vulnerability assessment scans. The data is correlated through a process that is called asset reconciliation and the profile is updated as new information comes into JSA. The asset name is derived from the information in the asset update in the following order of precedence:

  • Given name

  • NETBios host name

  • DNS host name

  • IP address

Collecting Asset Data

Asset profiles are built dynamically from identity information that is passively absorbed from event or flow data, or from data that JSA actively looks for during a vulnerability scan. You can also import asset data or edit the asset profile manually.