Skip to main content

Implementing Infrastructure Auto Discovery

You can configure Bravura Security Fabric to automatically discover computer systems and accounts, including:

  • Systems on a domain

  • Administrator and user accounts whose credentials are used to manage services, scheduled tasks, IIS websites or DCOM objects

Passwords on discovered objects are not randomized until the objects are managed. They become managed by being manually selected, or by passing import rules . You can also use import rules to delete objects, or un-manage them so that passwords are not randomized.

Terminology

The following terms are used to describe the various states of computer systems:

  • Discovered objects refers to both discovered accounts and discovered systems.

  • Discovered accounts are any administrator, service and user accounts that are listed from target systems, depending on the configuration of their discovery options.

  • Discovered systems are computer objects imported into the Bravura Security Fabric database, but not yet managed.

    They are listed from a domain, or are systems that have a Local Service installed and have connected to the Local Workstation Service. No corresponding target system has been created, and passwords cannot yet be randomized.

  • Managed target systems are discovered systems that are imported as target systems, based on a template, either manually or by passing the requirements of a target system import rule.

    Passwords are not randomized until the systems are added to a managed system policy, either manually or by passing the requirements of an import rule.

    By default, discovered systems on Active Directory domains use their GUIDs as their target system IDs.

  • Discovery templates define the configuration to apply to new target systems created from discovered systems. They can be applied manually or using an import rule .

  • Source systems are manually-defined systems from which discovered systems are listed.

    These are usually domain target systems that have their discovery options set to list computer server objects and computer workstation objects on the domain.

In this section: