Home �   ITIL�  Index

Dirty Little Secrets of Application Dependency Mapping

Dec 26, 2007

Michael LaChance

Here are few areas requiring close attentions during your assessment of these tools.

Application Boundaries

Application mapping tools create a visualization of the infrastructure components associated with an application. They can also display software components and dependencies on other application or even software components. However they provide little or no visibility into relationships between value networks, business processes, content, and other applications.

Defining the boundaries of applications are often gray areas that need to be hammered out with application owners and architects. One particular troubling aspect of discovered topologies is that they represent the configuration at a particular point in time. Discovery schedules need to be carefully thought out because if a TCP port isn’t open at time of discovery then the map won’t depict the partnering CI.

Class Model

Application dependency mapping tools interrogate the infrastructure and these results are stored in a database whose object-oriented class structure is loosely based on an emerging industry models, such as DMTF, CIM and others. Because there isn’t an industry standard, federating CIs, attributes and relationships across multi-vendor environments is exceedingly difficult especially as vendors are apt to interpret these emerging standards differently while applying their own extensions.

Carefully investigate the integration requirement if your application mapping tool is from vendor X but your ITSM automation solution uses CMDB technology from vendor Y. Otherwise, you may be looking at a rather large professional service integration effort.


Because application mapping tools need to first learn about the infrastructure, they must be taught some basics about the environment like IP address ranges, subnets and SNMP communities before they can start trolling for CI, attributes and relationships. These tools are efficient so network bandwidth consumption is rarely an issue, however intrusion detection systems need to be forewarned about this activity. And firewalls ports may need to be opened.

Discovery technologies leverage IP protocols such as ICMP, SSH, JDBC, and others to probe the network. Operating systems credentials across the server population are needed to probe further. Once that level of security is in place, you’ll then need to provide even deeper access for all your Oracle and SQL databases, Websphere and BEA environments, etc. so discovery tools can interrogate the real details of your application’s configuration. Simply providing authentication and access rights across the infrastructure for the discovery tool can take months in a large organization with thousands of servers.

Start Small

So, should these and other implementation challenges put you off investigating application dependency mapping tools? Absolutely not. The accuracy provided by these discovery tools is incredible and beyond the reach of manual methods but should only be acquired by organization with a fairly high level of maturity with change and configuration management.

Look for a sweet spot for application dependency mapping and BSM technologies. Start small and focus on a limited set of key application and business process. Engage your customers early as they’re best placed to tell you what those key applications are or perhaps check with your organization business resiliency office (if one exists) as they’re typically pretty good at assessing and assigning risk.

These tools are not inexpensive so prospective buyers should examine these offerings very carefully in light of their own maturity and scrutinize the cost benefits of such technology in the context of their own infrastructure and application environments. Above all, develop a solid business case and prove its value before attempting an enterprise deployment.

Michael LaChance is VP of IT Production Services for The Travelers Companies in Hartford, CT. Michael can be reached at mblachan@travelers.com.