As many of you heard, RSA Archer has a new feature, Data Gateway! A lot of you are probably wondering what Data Gateway is and how Data Gateway expands your integrated risk management program. Data Gateway provides the ability to unify data from disparate systems and even the ability to search directly into those external systems for tremendous scale benefits and less data replication.
In the powerful world of Data Gateway, there are essentially 3 types of Archer records. The first type of record is our traditional RSA Archer record where all of the content lives within the Archer database structure. This is the same record that most of us have been working with for many years. The traditional RSA Archer record has all existing core RSA Archer functionality, such as calculations, cross-references, and record permissions.
The second type of record is what I call a “hybrid” record. A hybrid record combines content from the Archer database alongside data from an external system into a single view on the record page. An example of this would be a using Data Gateway to display a consolidated view of hardware assets that are stored in a configuration management database (CMDB). While the CMDB might hold general information about the hardware asset such as hostname and IP address, relationships to associated software or to the organizational hierarchy that provide business context are stored within RSA Archer. Hybrid records require a content mapping. This means that Archer stores a relationship between the RSA Archer record and the data in the external system that tells Archer which external data to return while viewing the data in Archer. This means that the existing scale dynamics are still relevant because each of the hybrid records still has a Content ID within the Archer database. The significance of hybrid records is that there is no longer the need to duplicate data from an external system into RSA Archer. You can continue to use core Archer functionality and view data from disparate systems all from within RSA Archer.
The third type of record is an external record where the data is completely external. Yes! I said, completely external! Data Gateway provides RSA Archer the ability to search directly into an external system. This creates tremendous scale benefits and allows you to search that external system from the RSA Archer interface without requiring you to bring the data into RSA Archer. An external record doesn’t store any content in the RSA Archer database. RSA Archer Advanced Search can search directly into the external system. Since the content is completely external, there is functionality that is not available such as cross-references and record permissions. However, for high-volume and highly dynamic data like vulnerability scan results it allows you to gain visibility and insights to the risk that these vulnerabilities present to your organization without replicating your scan results into another system.
Implementation of Data Gateway is quite a bit different than typical RSA Archer configuration. The primary component that enables communications between your RSA Archer instance and your external system is called a Data Gateway Connector. Data Gateway Connectors require custom code to be written for each of your unique use cases. The custom Data Gateway Connector Plugin leverages RSA Archer’s APIs and in conjunction with the ability to call your external system’s APIs or procedures. Writing connector code requires some particular skills that are not included in most Archer administrator toolboxes, so initial implementations of Data Gateway will be executed exclusively through RSA Professional Services. Our technical RSA Professional Service team members will develop a Data Gateway Connector specific for your use case.
RSA Archer Data Gateway can help to fully integrate your risk management program. The first game-changer is Data Gateway’s ability to unify your disparate information systems within the single view of RSA Archer. The second innovation unleashed with Data Gateway is the ability to search directly into an external system which allows RSA Archer to maximize the scale of information that can be leveraged by your integrated risk management program. For more information, contact your RSA Account Representative to learn how RSA Archer Professional Services can unleash the power of Data Gateway for your organization.
18 Comments
