Reality maps

10.04.2006
When auditors come knocking at the door of Boise State University's IT department, executive director David O'Neill has a quick way of dealing with them. Rather than rounding up senior engineers to sit down with the auditors and spend hours answering questions about the university's IT systems, O'Neill instead relies on an automated application-mapping tool to quickly produce an up-to-date inventory and diagram of all the software systems and the relationships among them.

The old approach of getting auditors what they needed could consume as much as three to five days of his senior engineers' time, says O'Neill. "Since most of these audit questions are really almost inventory questions, I said, 'Let's have a machine answer those questions.' We don't need a bunch of my senior engineers doing it. That's too damned expensive," he explains.

The product Boise State is using, nLayers Inc.'s InSight appliance, can, for instance, show whether backups are happening as expected, whether a sensitive system is open to access by other servers when it shouldn't be, or if there's an unauthorized desktop that has found a back door into a student-records database server.

"You think you're the only one serving an application, but guess what -- someone else is serving it too. Or there's superfluous data moving around on the network. Or you've got folks accessing [Internet] sites they shouldn't be," says O'Neill.

Boise State uses Packeteer Inc.'s PacketShaper to make network traffic visible, but it doesn't show what that traffic represents in terms of applications, locations and other specifics. The mapping tool gives O'Neill access to that intelligence.

The need to know