Using Netscan
Netscan is only bundled and installed with the Gateway Data Center Edition. It is able to discover machines including routers and switches on an ethernet network.
|
This is an advanced function for administrators that is only available in the Data Center Edition Gateway workspace. Discovery Managers have access to this function. |
When a gateway is installed you must provide administrator account credentials for the machine on which you are installing the gateway. This allows it to discover machines, use WMI to audit them, and deploy client agents to other machines on the network. For information about gateways, see Installing a Gatewayand Managing Gateway Settings.
If no client agents are installed, Netscan returns only IP addresses and names of devices. Netscan has the following features:
- Supports SNMP V1, V2C, and V3. Users can configure multiple protocols.
- Able to discover routers and switches.
- Reports Model, Serial number, and Manufacturer for a machine, and OS versions for Windows machines.
Netscan scans within a subnet (or IP range) to check for devices. Once a device is found you can audit the machine by:
Deploying a client agent to the machine. See Deploying Agents to Other Computers.
--or--
Remote scan the machine (remote scan) using WMI to get software information. A WMI scan is only possible if the computer is connected to the network directly or by VPN.
Enter Netscan IP Ranges
The Netscan IP-Ranges tab is available only if you installed the Gateway Data Center Edition.
Netscan sends a ping request to the IP addresses or ranges that you specify. It uses WMI to survey the discovered machines to get operating system and execution environment information. You can:
- Specify the subnet client computers that are associated with a gateway.
LanProbe interrogates physical servers and clients only within a subnet, while Netscan pings virtual devices in the entire network. - If WMI is not available, Netscan uses SNMP. For SNMP, you must specify the community strings.
- Using WMI, Netscan retrieves the model, serial number, and manufacturer for a machine and OS for a Windows machine.
- Using SNMP, Netscan recognizes computers, servers, printers, switches and routers; other devices such as UNIX or AIX machines are identified as unknown devices.
| 1. | Log in as the Discovery Manager and open the Gateway workspace. A list of gateway computers is shown, or a default gateway computer record appears. |
| 2. | Double-click to open the gateway that you want to manage. The Gateway page appears. |
| 3. | From the Netscan IP-Ranges tab, click New IP-Range. The New IP-Range window appears. |
| 4. | Enter information into the fields. |
| Field | Description |
|---|---|
| Name | A unique name for this range. |
| Range |
A range of IP addresses for Netscan to ping. The default range of IP addresses is represented as *. The wildcard * specifies a range from 0 to 255. For example, 192.172.12 would be represented as 192.172.*, which means a range from 192.172.12.0 to 192.172.12.255. To block certain IPs from the range, rather than using wildcards to enter the entire range, enter sub-ranges of IP and omit the ones you want to block. For example, entering 192.172.1-9.* 192.172.11-255.* blocks 192.172.10 from the range |
| 5. | Click Save. |
| 6. | From the toolbar, click Deploy Settings. The settings are deployed. |
Enter Netscan SNMP Protocols
The Netscan SNMP Protocols tab is available only if you installed the Gateway Data Center Edition.
If a WMI connection is not available, then Netscan uses SNMP. For SNMP, you need to specify the community strings, as described in the following procedure.
| 1. | Log in as the Discovery Manager and open the Gateway workspace. A list of gateway computers is shown, or a default gateway computer record appears. |
| 2. | Double-click to open the gateway that you want to manage. The Gateway page appears. |
| 3. | From the Netscan SNMP Protocols tab, click New SNMP Protocol. The Edit SNMP Protocol window appears. |
| 4. | Enter information into the following mandatory fields. |
| Field | Description |
|---|---|
| SNMP Version | SNMP version. Select from the drop-down list. |
| Port | The port number |
| Community String | The password to read SNMP data. |
| 5. | Click Save. |
| 6. | From the toolbar, click Deploy Settings. The settings are deployed. |
Scan the Network for Computers
| 1. | Log in to the Service Desk Console as a Discovery Manager and choose the Gateway workspace. |
| 2. | Click Scan Active Directory on the toolbar. |
| 3. | At the prompt, click Yes. An agent task for the gateway is created. After the gateway receives the task, the scanning process starts. |
When the scan finishes, any computers that are discovered but not audited are listed.
If the system does not detect the configuration item type or operating system, it is identified as an unknown device. See View Discovered Assets and Change the Type.
After you generate a list of computers that are not audited, you can manage these computers by deploying an agent to them (see Deploying Agents to Other Computers) or by auditing them remotely (see About Running Agentless Audits).