Configuration Management Database

(CMDB)

A configuration management database (CMDB) is a central repository that acts as a data

warehouse, storing information about your IT environment and it is a purpose-built database for
configuration management.

How does a CMDB work?

A CMDB provides a common place to store data associated with IT assets and configuration
items (CIs). The fundamental building block of a CMDB is the CI. A CI represents an item under
configuration management, such as a router, a server, an application, a virtual machine, a
container, or even a logical construct such as a portfolio. Data import tools are usually used to
identify CIs in the environment and transfer them to the CMDB. Some IT teams may also use
manual tools to keep their CMDB updated but this is not a good practice as it cannot scale and it
introduces errors - duplicates and un-necessary CIs. Once all of the information is gathered and
unified, it must be reviewed for accuracy and consistency, and any data-gaps should be identified
and resolved.

For a CMDB to function optimally, it must remain highly accurate, necessitating constant
updating and ideally automated updates.

What are the benefits of CMDB?

At its core, one of the most significant benefits of CMDB is that it takes all the siloed data across
the enterprise required to run IT , and it brings it all together in a single place giving IT
Operations visibility into all the IT resources in the enterprise. It prevents data from being
scattered across multiple different locations. A CMDB helps IT teams in a number of ways, here
are just a few: it helps eliminate outages, significantly reduce the time it takes to remediate an
outage, remain in compliance, avoid security and audit fines, understand important service
contexts when making decisions, which benefits risk assessment and reporting, and track
software license and cloud costs.
Planning
CMDB helps technology managers plan at both a detailed level with asset management and at a
high level with enterprise architecture.
Operating
Core ITSM practices are improved by CMDB, including incident, change, and problem
management.

CMDB can improve risk assessment in change management by anticipating which systems and
users might be impacted the most. It also aids compliance by helping teams manage audit trails
and controls.

CMDB affects incident management by identifying the changes and root causes of an incident,
and moving toward a faster resolution. Incident records are associated with their CIs, which
helps teams track incidents over time in conjunction with the assets impacted by the incident.

Problem management benefits from CMDB in that it helps with root-cause analysis, which helps
teams get to the source of a problem more quickly. It also supports proactive management by
assisting teams with identifying assets that are in need of an upgrade to reduce service costs and
downtime.

Accounting
It’s important to have application and service codes in IT finance, as it helps allocate billing
statements and manage other finances.

Characteristics of CMDBs
Seamless dashboards
Integration of dashboards with CI metrics and analytics make it easy to track the health of data,
the impact of changes, patterns that lead to incidents or problems, and the health of the CIs. It
gives the operations team real-time insights into the previous incident, problem and change
related to a CI which significantly reduces the time it takes to remediate an issue.
Access controls
Access controls provide the ability to give access levels to different individuals or teams as is
needed, and trace any changes back to their source in the event of incidents or questions.
Compliance
You’ll get detailed records for the sake of visibility that will help with audits. Insights into
records include the state of CIs, historical changes, checks and balances, and incidents.

Creation of CIs and data population

This is supported across three different types of methods: integrations, discovery tools, and
manual input that all scan IP addresses within an organization’s network to find software and
hardware information. This process creates an inventory of all assets and devices within a
company, including cloud resources.

Federated data sets

Support for federated data sets Includes reconciliation and normalization of CIs and their
relevant data.

IT service mapping
A physical representation of relationships and dependencies related to an IT service.

Challenges of CMDBs

Despite the obvious advantages of CMDB, many organizations fail to generate value from their
CMDB solutions and these are just a few of the reasons: manual processes used to build the
CMDB, lack of people and process in place to identify the critical data that should be moved into
the CMDB or the automated tools to ensure the data is put in the right place in the CMDB.
However, this does not mean that the technology itself is flawed; by identifying the factors at
play, it is possible to prepare for and prevent issues that might hamper CMDB effectiveness.
Accuracy
It can be difficult to maintain the accuracy of a CMDB—some of these difficulties include
discovery tools not running frequently enough, an absence of automation protocols, or too much
reliance on data input. By focusing on and optimizing discovery within your CMDB, you will
improve accuracy.
Centralization
While a CMDB is a centralized place to view data, this does not necessarily mean that all asset
data needs to live exclusively in the CMDB. A best practice is to take data from other tools so
that the most relevant tool is used to support each case.
Multiple data sources
While a CMDB does act as a centralized repository for IT asset information, there can sometimes
be too many sources of data that are feeding into the CMDB. This can create confusion and
muddled data that may be difficult to categorize.
Process
Some organizations function under the perception that CMDBs are for mapping legacy
infrastructure and software rather than the new stack of cloud and software infrastructure. It’s
important to not let the conversation around semantics prevent you from tracking the value of
your CIs in a tool that provides a wide view of your technical ecosystems.
Relevancy
Some companies treat their CMDBs as the singular source of truth, and this can lead to
organizations trying to combine all of their data into that location without considering use cases
and what is relevant to their needs. A CMDB should contain only useful and focused data that
supports processes—ensure that it defines value, objective, owner, and ways to update all of the
data.
Team commitment
Team commitment is one of the most important factors in the integration and use of new
technologies and processes, and whether or not they are successful. If your organization and the
people involved are not fully committed to the success of your CMDB solution, then it likely
will not succeed.

Tools
It’s crucial to choose the right tool if you want to avoid failure. Some CMDB tools are simply
asset repositories that are fixed on legacy infrastructure discovery tools with a slow reaction to
change. The best CMDB tools are those that are able to pivot quickly, and that account for new
types of assets.
ITAM vs. CMDB

IT asset management (ITAM) is the process of accounting for assets during their lifecycle. This
includes procurement and purchasing, software license management, technology refresh, and
asset valuation. ITAM oversees more financial and contractual components of assets. CMDB is
centered around the data used to manage assets during the period of time in which they are live
and present within your IT environment. This includes understanding what comprises a service
or asset, how it is used, and how it is related to other assets and services.

Choosing what to manage in your CMDB

Each organization has different use cases and goals with CMDBs, and that should determine the
extent of their setup.

Technical entities
This includes application software, containers, virtual machines, databases, operation systems,
hardware, ports, business services, technical servicers, and networks.

Non-technical entities
These are users, organizations, locations, documents, customers, and service agreements.

Why CMDB is critical for effective ITAM

CMDB is only useful for ITAM in the event that it is well integrated with ITAM processes. Most
CMDBs act as a central repository of configuration data, or it can be easily integrated with other
processes and their datastores. Some store information about the devices connected to a network,
as well as information about software contracts and licenses, which are associated with
ITAM.Storing all of this data within a CMDB allows information to be generated in a single
process that can be seen easily by other similar processes—this strong integration enhances those
similar, and other associated, processes.Strong integration between CMDB and ITAM reduces
risk, as it has the capability to log a server’s CPU, RAM, IP address, MAC address, etc., which
provides the opportunity to identify any red flags if this information changes unexpectedly. If a
scanning tool finds an application that didn’t go through the approved channels, it can be a rogue
or harmful application that may introduce vulnerabilities.
CSDM and CMDB
The common service data model (CSDM) is all about doing CMDB the right way. A CSDM is a
centralized repository of standard and consistent sets of terms and their definitions. It is an
essential best practice framework for CMDB management and modeling, and can provide
guidance on modeling with its standardized terms and definitions. In other words, it’s a backbone
for configuration that connects a CMDB from a business and technical perspective with
recommended mappings and their respective relationships.If done properly, CSDM offers
visibility into service and application data from varying domains, combined into a single view,
allowing you to configure your IT strategy with a company strategy and the various capabilities.
A proper CMDB also provides faster incident resolution, improved security, and a better
judgement of the impact of change.

Evolution of CMDBs
An IT infrastructure library (ITIL) describes processes for asset and configuration management,
with the end goal being maintaining information about configuration items. This information
includes lists of items, in addition to their relationship to each other. ITIL also depicts underlying
technical capabilities that are needed to support assets and configuration management that may
span multiple CMDBs.
Companies are beginning to embrace Agile and DevOps, which means that CMDB will take on a
larger role in allowing IT employees to understand their production environments and make
decisions in real-time. SaaS usage is also expanding, and companies need to integrate their
external data sources into a CMDB to have a big picture perspective of their hybrid IT
environment.