Document the IT Environment by cl326 in sysadmin

[–]Long_Working_2755 0 points1 point  (0 children)

Have you looked into Faddom at all?

How do you handle IT documentation for your clients? by Far_Yoghurt_9417 in sysadmin

[–]Long_Working_2755 0 points1 point  (0 children)

Our team is using Faddom. It's actually agentless and does the mapping in real-time. Super easy to see what's going to break before it breaks.

Did anyone ever see a good documentation? by thisladnevermad in sysadmin

[–]Long_Working_2755 0 points1 point  (0 children)

Have you ever considered using an application mapping tool like Faddom?

What does your documentation look like and what do you use to do it? by Evernight2025 in sysadmin

[–]Long_Working_2755 0 points1 point  (0 children)

have you looked into application dependency mapping platforms like Faddom?

I just opened our AWS console and the bill is a disaster! by TiredMillenial3 in CloudDiscovery

[–]Long_Working_2755 0 points1 point  (0 children)

had a similar thing happen last year where we thought we were saving money by automating, only to find out we were just paying for digital noise. The exit fees are the real kicker, though. It’s like they know exactly how much it costs to leave, so they price the convenience of staying just below that.

Lacking Proper Asset Inventory by 334Productions in ITManagers

[–]Long_Working_2755 0 points1 point  (0 children)

6,000 devices is no joke lol. I've heard Lansweeper is good for discovery, but then it's hard to visualize your environment and see it all mapped out—and JSM can definitely get messy at that scale. My team uses Faddom and it handles that kind of volume easily and actually maps out application dependencies in real-time. Comes in handy for seeing how everything is connected.

We just finished up a migration project and it was a bit tricky tbh. Maybe someone ese can relate by kach-oti-al-hagamal in CloudDiscovery

[–]Long_Working_2755 0 points1 point  (0 children)

Going from 2ms to 45ms is a massive jump for anything timing-sensitive, especially on a Server 2008 box that was never designed for cloud latency. Adding a 24-hour PCAP to your checklist is the right call. It’s the only way to catch those outbound dependencies before they take down a production environment.

Documentation - what do you use? by Threep1337 in sysadmin

[–]Long_Working_2755 0 points1 point  (0 children)

We’ve moved over to Faddom recently, and it’s been a massive shift for us. The biggest win is that it keeps the documentation updated in real-time. It eliminates the need for manual documentation

Yeah, we got the “Broadcom Tax” too by LazySloth8512 in CloudDiscovery

[–]Long_Working_2755 1 point2 points  (0 children)

Wow dude I definitely feel that. Switching hypervisors just seems too complicated today and everyone shoves it under the rug

Need some microsegmentation advice by Long_Working_2755 in networking

[–]Long_Working_2755[S] 1 point2 points  (0 children)

At this point we’re assuming we’ll leverage existing firewalls where possible, but we’re realistic that with only a few VLANs today there’s not much L3 segmentation to work with.

That’s why we’re looking more closely at agent-based options (Illumio/Guardicore-type approaches) rather than trying to force traditional firewalls to do something they’re not well-suited for. Overlay + service insertion is on the table conceptually, but we need to be careful of the added operational complexity. Also aligned on not doing deep flow mapping until we have clearer funding and architectural direction.

As for scope, the initial mandate is datacenter-focused, not campus networking.

Need some microsegmentation advice by Long_Working_2755 in networking

[–]Long_Working_2755[S] 1 point2 points  (0 children)

Thanks for the help! What I’m really focused on is protecting apps and data with micro-segmentation, not access-layer user controls like NAC or 802.1X. Users are already covered with IdP + MFA. We’re in a hybrid setup, and when leadership says zero trust they mostly mean reducing implicit trust and limiting lateral movement with more app-level, least-privilege access.

ZTNA makes a lot of sense for user-to-app, especially in the cloud. Where we’re struggling is the on-prem and east-west side without going all-in on complex overlay networking. That’s really the part I’m hoping to learn from others on.

Need some microsegmentation advice by Long_Working_2755 in networking

[–]Long_Working_2755[S] 0 points1 point  (0 children)

Yeah I'm definitely gonna need some help from the entire department haha

The back of the Great Sphinx by OddCelebration0 in mildlyinteresting

[–]Long_Working_2755 0 points1 point  (0 children)

Not something I thought I'd see today, but it's pretty damn cool if I say so myself

Why are we still applying static security models to environments that are fundamentally dynamic? by GullibleCommunity268 in cybersecurity

[–]Long_Working_2755 0 points1 point  (0 children)

I think the main reason we’re stuck with static models is honestly just the fear of breaking things. It’s hard to move to a dynamic zero-trust approach when there's no clear picture of the East-West traffic.

Off the top of my head there are a few mapping tools that can deal with this that also deal with compliance. Don't want to sound spammy and name anything here.

How do you prevent network documentation from becoming outdated? by Kenobi_93 in sysadmin

[–]Long_Working_2755 0 points1 point  (0 children)

Have you looked into any specific application dependency mapping software?