A configuration management database (CMDB) is a database that contains all relevant information about the hardware and software components used in an organization's IT services and the relationships between those components. A CMDB provides an organized view of configuration data and a means of examining that data from any desired perspective.
How CMDBs work and why they're important
As IT infrastructure becomes more complex, the importance of tracking and understanding the information within the IT environment increases. The use of CMDBs is a best practice for IT leaders that need to identify and verify each component of their infrastructure to better manage and improve it.
Within the context of a CMDB, components of an information system are referred to as configuration items (CI). A CI can be any conceivable IT component, including software, hardware, documentation and personnel, as well as any combination of them or dependencies between them. The processes of configuration management seek to specify, control and track CIs and any changes made to them in a comprehensive and systematic fashion.
The IT Infrastructure Library (ITIL) best practices standards include specifications for configuration management. According to ITIL specifications, the four major tasks of configuration management are:
- Identify CIs to be included in the CMDB (discovery)
- Control data to ensure that it can only be changed by authorized individuals (security)
- Maintain status, which involves ensuring that current status of any CI is consistently recorded and kept updated (reporting)
- Verify through audits and reviews of the data to ensure that it is accurate (auditing)
CMDBs capture attributes of the CIs, including CI importance, CI ownership and CI identification code. A CMDB also provides details about the relationships (dependencies) between CIs, which is a powerful tool if used correctly. As a business enters more CIs into the system, the CMDB becomes a stronger resource to predict changes within the organization. For example, if an outage occurs, IT can understand through the CI data who or which systems will be affected.
Pros and cons of using CMDBs
CMDBs provide a centralized view of IT data, which, in turn, offers IT leaders more control over their infrastructure. A CMDB user can visualize each individual IT infrastructure component -- for example, a storage device or an application running on a server -- which reduces complexity, prevents administrative and management errors, and increases security. CMDBs can also enable IT leaders to spot ways to save within the organization by eliminating unnecessary or redundant IT resources and their associated costs.
Another benefit of a CMDB is the ability to integrate data from another vendor's software, reconcile that data, identify any inconsistences within the database and then ensure that all data is synchronized. A CMDB system can also integrate other configuration-related processes, such as change management and incident management, to better manage the IT environment.
A CMDB can also present a number of challenges. A particularly difficult issue is organizational in nature: to convince the business of the benefits of a CMDB and then to use the system properly once it is implemented.
Once implemented, an initial challenge is to import all relevant data into the CMDB. This can be a tedious task, as admins must input a wealth of information about each IT asset, including financial information, upgrade history and performance profile. It's important to note that this data doesn't always come from the same source. In theory, a process called data federation brings together data from disparate locations to prevent IT from replacing or eliminating other data systems. But, in practice, data is dispersed across sources that are not well integrated, which prevents IT managers from federating data.
Over time, IT must maintain and update the CMDB's data. It's common for a CMDB to fail because IT does not update the information and, therefore, it becomes stale and unusable.
CMDB vendors and tools
Common CMDB vendors include BMC Software, Hewlett Packard Enterprise (HPE), IBM, CA Technologies and Microsoft.
IT can also adopt integrated or third-party tools to supplement its CMDB.
Automated discovery and change management tools, such as HPE's Network Node Manager and BMC's Atrium Discovery, automatically generate and update data to capture the state of the current IT environment. However, while discovery tools enable IT to take a more hands-off approach to configuration management, they don't completely eliminate the need for manual entry. For example, admins may need to manually enter some details such as the hardware's purchase date, price and due date of the next renewal of service.
IT operations analytics tools can also integrate with CMDBs. For example, an IT team could integrate Evolven Software's Blended Analytics tool to analyze the established configuration of each server and compare possible changes against an existing benchmark, alerting IT managers to unexpected or disallowed changes to a configuration for examination and remediation.
Data management tools can also be used to address the issue of data federation by taking all IT data from a variety of sources and automatically storing it in a CMDB. Tools like these are available from Blazent and BDNA and increase the accuracy of an enterprise's CMDB data.