Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Asset Management

Collecting and viewing asset data helps you to identify threats and vulnerabilities. An accurate asset database makes it easier to connect offenses that are triggered in your system to physical or virtual assets in your network.

Note:

JSA Log Manager only tracks asset data if JSA Vulnerability Manager is installed. For more information about the differences between JSA and Log Manager, see Capabilities in Your JSA Product.

Asset Data

An asset is any network endpoint that sends or receives data across your network infrastructure. For example, notebooks, servers, virtual machines, and handheld devices are all assets. Every asset in the asset database is assigned a unique identifier so that it can be distinguished from other asset records.

Detecting devices is also useful in building a data set of historical information about the asset. Tracking asset information as it changes helps you monitor asset usage across your network.

Asset Limits

The asset database has a limited capacity. When the asset limit for your hardware is reached, you cannot create any new assets until sufficient space is available in the database. The following table describes the asset limits for each hardware type:

Table 1: Asset Limits for Hardware

Hardware Type

Asset Limit for Console only

Asset Limit for Console with Managed Host

JSA3800

60,000

60,000

JSA7500

300,000

700,000

JSA5800

500,000

1,000,000

JSA7800

500,000

1,000,000

The following table describes the asset limits for Virtual Machines (VM):

Table 2: Asset Limits for Virtual Machines

Virtual Machine (VM) Type

Asset Limit for Console only

Asset Limit for Console with Managed Host

VM with minimum requirements

60,000

60,000

VM with 16-core CPU and 48GB memory

200,000

600,000

VM with 32-core CPU and 128GB memory

 500,000 1,000,000

VM with 49-core CPU and 129GB memory

500,000

1,000,000

VM or Software only install

500,000

1,000,000

Asset Profiles

An asset profile is a collection of all information that JSA collected over time about a specific asset. The profile includes information about the services that are running on the asset and any identity information that is known.

JSA automatically creates asset profiles from identity events and bidirectional flow data or, if they are configured, vulnerability assessment scans. The data is correlated through a process that is called asset reconciliation and the profile is updated as new information comes into JSA. The asset name is derived from the information in the asset update in the following order of precedence:

  • Given name

  • NETBios host name

  • DNS host name

  • IP address

Collecting Asset Data

Asset profiles are built dynamically from identity information that is passively absorbed from event or flow data, or from data that JSA actively looks for during a vulnerability scan. You can also import asset data or edit the asset profile manually.