

Create Network Scan Policy

Create a Network Scan policy to configure the discovery methodology, and then define the options that the scan uses to locate servers and software components on your networks.

Follow these steps:

  1. Click the Management link and then click the Network tab.
  2. Click the Network Scan Policies link.
  3. On the Network Scan Policies page, select Create Policy from the Table Actions drop-down list.
  4. On the Create Network Scan Policy wizard Policy page, enter the following information and then click Next.
    Name

    Defines the policy name.

    Description

    Describes the policy purpose and usage.

  5. On the Discovery Engine page, select a discovery engine (for example, DNS or PingSweep), and then complete the fields for the selected option.
    DNS

    Specifies that the scan uses the Domain Name System (DNS) to locate servers, services, or other network-connected resources by reading the records of the selected domains.

    Complete the following fields:

    DNS Server IP Address

    Defines the IP address of the server that provides the DNS name resolution for the domain and the name servers of any subordinate domains.

    Domains

    Defines the domains that the profile is responsible for scanning. Enter a domain name in the Add New Domain field, and then click the right-facing arrow to move it to the Selected Domains field.

    Retries

    Defines how many Simple Network Management Protocol (SNMP) queries the product makes to an IP address before it fails while attempting to classify the operating system.

    Default: 1

    Timeout (in milliseconds)

    Defines how many milliseconds the SNMP query waits for a response before it fails.

    Default: 1000

    Note: Configure your DNS server so that it allows zone transfers (AXFR) from the designated NDG server, and restrict zone transfers to that server only. A zone transfer returns every record in the zone, so a server that accepts transfers from arbitrary clients hands out your complete host inventory.

    Cloud Service

    NDG uses the cloud service to discover servers on the cloud environment.

    Provide the cloud service discovery engine specifications:

    Engine Instances

    Defines how many discovery engine instances run during the discovery.

    Default: 10

    Retries

    Defines how many times the discovery pings an IP address before it fails.

    Default: 1

    Timeout (in milliseconds)

    Defines how many milliseconds a request waits for a response before it fails.

    Default: 1000

    PingSweep

    Sends ICMP ECHO requests to determine which addresses in a range of IP addresses map to live hosts. A live host answers with an ICMP ECHO reply, and the scan uses the reply to identify servers, services, or other network-connected resources. Hosts and firewalls that drop ICMP are not found by this engine; use the TCP Connect Scan for those segments.

    Complete the following fields:

    Engine Instances

    Defines how many discovery engine instances run during the discovery.

    Default: 10

    Burst Size

    Defines how many packets the product sends each second to the IP address.

    Default: 32

    Retries

    Defines how many times the discovery pings an IP address before it fails.

    Default: 1

    Timeout (in milliseconds)

    Defines how many milliseconds a request waits for a response before it fails.

    Default: 2000

    SNMP Classification Specifications

    Defines the properties for monitoring the network devices and their functions.

    Complete the following fields:

    Retries

    Defines how many SNMP queries the product makes to an IP address before it fails while attempting to classify the operating system.

    Default: 1

    Timeout (in milliseconds)

    Defines how many milliseconds the SNMP query waits for a response before it fails.

    Default: 1000

    TCP Connect Scan

    Determines the port availability through a TCP handshake connection. The scan uses an available port to identify network-connected servers, services, or other resources.

    Complete the following fields:

    Engine Instances

    Defines how many discovery engine instances run during the discovery.

    Default: 10

    Retries

    Defines how many SNMP queries the product makes to an IP address before it fails while attempting to classify the operating system.

    Default: 1

    Timeout (in milliseconds)

    Defines how many milliseconds the SNMP query waits for a response before it fails.

    Default: 1000

    ARP Cache

    Specifies whether the scan uses SNMP to read the ARP cache of routers. The ARP cache lists the IP and MAC addresses of hosts that recently communicated through the router, which the scan uses to locate servers, services, or other network-connected resources.

    Complete the following fields:

    Engine Instances

    Defines how many discovery engine instances run during the discovery.

    Default: 10

    Gateway IP Address

    Defines the IP address of the gateway router whose ARP cache the scan queries first.

    Discover Router Information Only

    Specifies whether to restrict the discovery process to the ARP Cache of routers.

    Selected: The product only discovers the ARP Cache of routers.

    Cleared: The product discovers the ARP Cache of all network resources.

    Retries

    Defines how many SNMP queries the product makes to an IP address before it fails while attempting to classify the operating system.

    Default: 1

    Timeout (in milliseconds)

    Defines how many milliseconds the SNMP query waits for a response before it fails.

    Default: 1000

    Packet Analyzer

    Analyzes packet data on the network, passively collects the IP traffic relationships, and identifies servers, services, or other network-connected resources.

    Complete the following fields:

    Execution Time

    Defines how many days, hours, and minutes the scan runs.

    Default: 15 minutes

    Engine Instances

    Defines how many discovery engine instances run during the discovery.

    Default: 10

    Cache Purge Frequency (in hours)

    Defines how many hours elapse before the scan operation clears the cache. This scan type maintains a cache of discovered servers so that it does not continuously rediscover recently discovered servers.

    Default: 8

    Collect Network Statistics

    Specifies whether the scan collects packet count summaries for the discovered relationships. The packet count indicates the strength of a relationship: whether two servers exchanged a few packets or thousands.

    Selected: The scan collects packet count summaries.

    Cleared: The scan does not collect packet count summaries.

    Default: selected

    Statistics Reporting Interval (in minutes)

    Defines how many minutes elapse between network statistics collection operations.

    Default: 15 (if you selected the Collect Network Statistics check box).

    Discover Relationships

    Specifies whether the scan discovers the relationships between network resources.

    Selected: The scan discovers the relationships between network resources.

    Cleared: The scan does not discover the relationships between network resources.

    Default: selected

    Relationship Packet Threshold Count

    Defines the minimum number of packets the product requires to determine whether a relationship exists.

    Default: 10 (requires that the Discover Relationships check box is selected).

    Retries

    Defines how many SNMP queries the product makes to an IP address before it fails while attempting to classify the operating system.

    Default: 1

    Timeout (in milliseconds)

    Defines how many milliseconds the SNMP query waits for a response before it fails.

    Default: 1000

    NetFlow

    Passively collects the IP traffic relationships and identifies servers, services, or other network-connected resources using the data feed from a NetFlow-enabled router.

    Complete the following fields:

    Execution Time

    Defines how many days, hours, and minutes the scan runs.

    Default: 15 minutes

    Listen Port

    Defines the NetFlow discovery engine port number.

    Default: 9991

    Note: Configure your router so it sends the NetFlow feed to the specified port on the designated NDG server.

    Cache Purge Frequency (in hours)

    Defines how many hours elapse before the scan operation clears the cache, and how often the operation rediscovers servers. This scan type maintains a cache of discovered servers so that it does not continuously rediscover recently discovered servers.

    Default: 8

    Discover Relationships

    Specifies whether the scan discovers the relationships between network resources.

    Selected: The scan discovers the relationships between network resources.

    Cleared: The scan does not discover the relationships between network resources.

    Default: selected

    Relationship Packet Threshold Count

    Defines the minimum number of packets the product requires to determine whether a relationship exists.

    Default: 10 (requires that the Discover Relationships check box is selected).

    Aggregate Records

    Specifies whether the product collects network statistics for a discovered relationship in a single record.

    Selected: The product collects network statistics in a single record.

    Cleared: The product does not collect network statistics in a single record.

    Default: cleared

    Aggregation Interval

    Defines the number of minutes over which the product aggregates network statistics.

    Default: 10 (requires that the Aggregate Records check box is selected).

    Retries

    Defines how many SNMP queries the product makes to an IP address before it fails while attempting to classify the operating system.

    Default: 1

    Timeout (in milliseconds)

    Defines how many milliseconds the SNMP query waits for a response before it fails.

    Default: 1000

    Local Link

    Discovers the servers on the local network segment using IPv6.

    Complete the following fields:

    Retries

    Defines how many times the scan attempts to locate an IP address before it fails.

    Default: 1

    Timeout (in milliseconds)

    Defines how many milliseconds the scan waits for a response before it fails.

    Default: 2000

    SNMP Retries

    Defines how many SNMP queries the product makes to an IP address before it fails while attempting to classify the operating system.

    Default: 1

    SNMP Timeout (in milliseconds)

    Defines how many milliseconds the SNMP query waits for a response before it fails.

    Default: 1000

  6. Click Next.
  7. On the Discovery Options page, specify the management ports that NDG contacts during discovery:
    VMware Web Services Port

    Defines the port that communicates with the VMware server.

    Default: 443

    Microsoft SCVMM Port

    Defines the port that communicates with the Microsoft System Center Virtual Machine Manager (SCVMM) server.

    Default: 8100

  8. Select the Perform Soft Agent Probe check box if you want the benefits of agent-based discovery without deploying an agent.

    The Soft Agent Probe uses the supplied credentials to access the WMI services on Windows computers, and SSH on UNIX and Linux target computers.

    If you select Perform Soft Agent Probe for Linux or UNIX targets and authenticate with credentials, the SSH daemon on each target must accept password logins. Edit the SSH daemon configuration file (sshd_config) on the target so that it includes the following parameter, and then reload sshd:

    PasswordAuthentication yes
    

    By default, the SSH configuration files are installed in the following locations:

    HPUX
    /etc/opt/ssh
    
    Linux, Solaris, and AIX
    /etc/ssh
    

    Enabling password authentication exposes the target to password-guessing attacks. Where possible, use the SSH with Key File and Credentials mode described later in this step; with key-based authentication, the password setting is needed only on targets that rely on the credential fallback.

    If you select the Perform Soft Agent Probe check box, complete the following fields:

    Network Configuration

    Specifies whether to discover network configuration settings.

    Applications

    Specifies whether to discover application configuration settings.

    Virtual Environment

    Specifies whether to discover servers and configuration settings for virtualized environments.

    Restrict Discovery to Targeted Servers for Communications Relationships

    Specifies whether to limit relationship discovery to targeted servers. When you select this option, the product records communication relationships only for the servers in the network profile inclusion list, and does not add the other endpoints that it observes as discovered servers.

    Hardware

    Specifies whether to discover hardware components.

    Network Connections

    Specifies whether to discover established network connections and open ports.

    Select the check box, and then click Port Mapping to include or exclude specific ports during a network discovery.

    Inclusions tab: In the left pane, double-click a mapped port to include it during a network scan.

    Exclusions tab: In the left pane, double-click a mapped port to exclude it during a network scan.

    Discover SAN Infrastructure and Relationships

    Specifies whether to discover storage devices and storage managers and their relationships.

    Enable use of Telnet

    Lets you use Telnet to access UNIX and Linux servers during a network discovery when SSH-based discovery fails. Telnet discovery uses the same credentials as SSH discovery.

    Note: Telnet does not encrypt the session, so the product sends the user credentials from the credential vault, and receives the collected data, in clear text. Because these are the same credentials that SSH discovery uses, enable this option only on network paths where clear-text exposure is acceptable.

    Enable use of sudo

    Specifies whether the product uses the sudo command to access and gather information from the remote UNIX and Linux servers. The sudo command lets the users that are defined in the /etc/sudoers configuration file run commands with the privileges of another user, typically root. Grant the discovery account only the commands that it needs rather than unrestricted access.

    The probe runs sudo without a terminal, so a global requiretty setting causes it to fail. If you enable sudo, comment out the Defaults requiretty entry in the /etc/sudoers file as follows:

    # Defaults requiretty
    

    Alternatively, keep the global setting and override it for the discovery account only with a per-user Defaults entry, which leaves requiretty in force for all other users.
    

    For more information, see Configuring sudo for UNIX and Linux Softagent Discovery.

    SSH Port

    Specifies the port that the product uses for the SSH communications.

    SSH Mode

    Specifies one of the following modes:

    • SSH with Credentials
    • SSH with Key File and Credentials

      Note: If you select this option and SSH key file authentication fails, the product continues scanning with the UNIX credentials from the Credential Vault.

    User Name

    Defines the user that the product uses for the key file authentication.

    Private Key File

    Defines the private key file for the SSH authentication. Create the public and private key files with puttygen.exe or a similar utility. Copy the private key to the NDG Server that your CA Configuration Automation Server uses for discovery, and restrict read access to the file: anyone who can read it can authenticate as the discovery user on every target that trusts the key.

    Note: For more information, see Create an SSH Key-based Network Scan Policy.

    Public Key File

    Defines the public key file for the SSH authentication. Create the public and private key files with puttygen.exe or a similar utility. Copy the public key to the NDG Server that your CA Configuration Automation Server uses for discovery.

    Note: For more information, see Create an SSH Key-based Network Scan Policy.

    Passphrase

    Defines an optional key file protection passphrase. Associate this passphrase with the key files when you create them.

    Enable use of SSH Proxy

    Specifies whether the product connects to the targets through an SSH proxy server.

    Complete the following SSH Proxy fields:

    Proxy Server

    Defines the proxy server name or IP address.

    Proxy Port

    Defines the proxy server listening port.

  9. Click Finish.

    The product creates the policy and adds it to the Network Scan Policies table.
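Before adding a UNIX or Linux host to a Soft Agent Probe policy, it is worth checking that the two prerequisites from step 8 (password logins accepted by sshd, and sudo usable without a terminal) actually hold on the target. The following script is an added example and not part of the product or its documentation. It audits the two files with awk, using constructed sample files so that it runs offline; the account name "discover", the file names, and the command list in the scoped sudoers sample are assumptions, and the sshd parser deliberately stops at the first Match block, because directives inside one are conditional.

```shell
#!/bin/sh
# Added example, not from the product documentation: pre-flight audit of a
# UNIX/Linux target's sshd and sudoers configuration before adding the host
# to a Soft Agent Probe scan policy. Sample files are constructed here; the
# account "discover" and the scoped command list are assumptions.

SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT

# Constructed sshd_config samples (real path: /etc/ssh/sshd_config, or
# /etc/opt/ssh/sshd_config on HP-UX).
cat > "$SAMPLE_DIR/sshd_config.locked" <<'EOF'
# key-only host: a credential-based probe fails here
Port 22
PubkeyAuthentication yes
PasswordAuthentication no
EOF
cat > "$SAMPLE_DIR/sshd_config.absent" <<'EOF'
# no global PasswordAuthentication line: OpenSSH defaults to "yes"
Port 22
Match User backup
    PasswordAuthentication no
EOF

# Constructed sudoers samples.
cat > "$SAMPLE_DIR/sudoers.blocked" <<'EOF'
Defaults env_reset
Defaults requiretty
discover ALL=(ALL) NOPASSWD: ALL
EOF
cat > "$SAMPLE_DIR/sudoers.scoped" <<'EOF'
Defaults requiretty
# lift requiretty for the discovery account only, and grant only what it needs
Defaults:discover !requiretty
discover ALL=(root) NOPASSWD: /bin/cat, /sbin/ifconfig
EOF

# sshd_password_auth FILE -> prints "yes" or "no".
# sshd uses the first value it finds for a keyword; directives inside a
# Match block apply conditionally, so parsing stops at the first Match line.
sshd_password_auth() {
    awk '
        /^[[:space:]]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "passwordauthentication" { print tolower($2); found = 1; exit }
        END { if (!found) print "yes" }
    ' "$1"
}

# sudo_requiretty FILE USER -> prints "blocked" or "ok".
# A global "Defaults requiretty" stops sudo from running without a terminal,
# which is how the probe invokes it; a per-user "Defaults:USER !requiretty"
# overrides the global value for that account regardless of line order.
sudo_requiretty() {
    awk -v user="$2" '
        BEGIN { key = "Defaults:" user; global = 0; peruser = -1 }
        /^[[:space:]]*#/ { next }
        $1 == "Defaults" || $1 == key {
            for (i = 2; i <= NF; i++) {
                opt = $i; sub(/,$/, "", opt)
                if (opt == "requiretty") v = 1
                else if (opt == "!requiretty") v = 0
                else continue
                if ($1 == "Defaults") global = v; else peruser = v
            }
        }
        END {
            eff = (peruser == -1) ? global : peruser
            print (eff ? "blocked" : "ok")
        }
    ' "$1"
}

# Stand-alone run: report on the constructed samples.
for f in locked absent; do
    printf 'sshd %-7s PasswordAuthentication=%s\n' "$f" \
        "$(sshd_password_auth "$SAMPLE_DIR/sshd_config.$f")"
done
for f in blocked scoped; do
    printf 'sudoers %-7s requiretty=%s\n' "$f" \
        "$(sudo_requiretty "$SAMPLE_DIR/sudoers.$f" discover)"
done
```

Point the two functions at the real files on a target (over the same SSH account the probe will use) to confirm a "yes" and an "ok" before the scan runs. The scoped sudoers sample shows the shape a practitioner wants: requiretty stays in force for everyone else, and the discovery account gets a fixed command list rather than ALL.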