Proper asset management is necessary to make the most of the AlienVaultUSM Appliance experience. Asset management allows you to configure USM Appliance according to your needs.
In USM Appliance, asset management includes the following aspects:
One of the essential security capabilities that AlienVaultUSM Appliance offers. This capability allows users to discover and inventory all the assets in a network and to correlate asset information with threat and vulnerability data. This functionality uses active and passive network asset scanning.
You can add or delete assets manually. See Adding Assets.
Vulnerability assessment is another essential security capability that USM Appliance provides. With the asset-oriented security approach introduced in USM Appliance, you can schedule vulnerability scans directly from the assets. See Running Vulnerability Scans from Assets.
HIDS Agent Deployment
Starting with USM Appliance version 5.1, you can deploy HIDS agents directly while managing the assets. See Deploying HIDS Agents.
You can categorize your assets in many different ways by using filters or labels.
Not all assets have the same significance. You can prioritize your assets by assigning different values to them. See Assets and Groups.
USM Appliance allows two types of asset monitoring: host monitoring and services monitoring. Host monitoring reports if an asset is up or down, while services monitoring discovers services on an asset and monitors availability of those services.
It is essential to investigate the alarms. This may, for instance, require knowing the software version installed on an asset; the existing vulnerabilities; the users who have access to (or traffic generated by) an asset.