• |
• |
Thorough Discovery: You can use this type of discovery to get more device information than what is available from the "what and where" type. See Add a Discovery Schedule for a thorough scan of managed Windows, Mac, Linux, and UNIX computers. |
• |
External Integration Discovery: A different type of thorough discovery that is aimed at certain computer devices that are not Windows-, Mac Os X-, or Linux-based. For more information, see: |
If you want to add an Nmap Discovery Schedule, there are several issues to consider. See Things to take into consideration with Nmap discovery.
1. |
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
b. |
c. |
2. |
◦ |
◦ |
◦ |
◦ |
External Integration [KACE Cloud Mobile Device Manager, G Suite, Workspace ONE]. KACE Cloud Mobile Device Manager, G Suite, and Workspace ONE discovery options appear. |
◦ |
Authenticated [WinRM, SNMP, SSH, VMware, Hyper-V]. DNS Lookup, Relay, WinRM, Hyper-V, VMM, SNMP, SSH, and VMware discovery options appear. |
◦ |
◦ |
3. |
4. |
In the IP Address Range field, enter an IP address range to scan. Use hyphens to specify individual IP address class ranges. For example, type 192.168.2-5.1-200 to scan for all IP addresses between 192.168.2-5.1 and 192.168.2-5.200, inclusive. |
5. |
6. |
Optional: Enter an email address for being notified of when the discovery scan completes. The email includes the name of the discovery schedule. |
Run in combination with an event rather than on a specific date or at a specific time. | |||||||||||
Every n hours |
|||||||||||
Run daily at a specified time, or run on a designated day of the week at a specified time. | |||||||||||
Run on the nth of every month/specific month at HH:MM |
Run on the same day every month, or a specific month, at the specified time. | ||||||||||
Run on the nth weekday of every month/specific month at HH:MM |
Run on the specific weekday of every month, or a specific month, at the specified time. | ||||||||||
Run according to a custom schedule. Use standard 5-field cron format (extended cron format is not supported): Use the following when specifying values:
| |||||||||||
Click to view the task schedule. The Task Schedule dialog box displays a list of scheduled tasks. Click a task to review the task details. For more information, see View task schedules. |
8. |
To improve the speed and accuracy of Nmap discovery:
• |
Avoid using DNS Lookup. DNS Lookup can slow down scan times by up to 500 percent if you specify an invalid or unreachable IP address for the DNS. |
• |
Run one discovery type at a time. Although it is possible to run multiple discovery types simultaneously, doing so can extend the length of a run and can cause erratic OS detection results. |
• |
Select Nmap Operating System Detection (Best Guess) if you are unsure what to run. This selection can give you a reasonable view into your subnet or subnets. At a minimum, using Best Guess can identify what OSs are on what devices. If you do not get the expected results, for example if some devices appear with unknown as the Operating System, try increasing the timeout value and rerunning the discovery. |
• |
Discovery does not work correctly through a VPN. Use another source for access to the devices. |
If you know that there are devices that should be reported, but are not, they are either:
If the Operating System appears as unknown in the Discovery Results list page:
• |
Check to see if the Nmap checkmark is present in the Nmap column. If not, the device was offline during the scan, and the operating system could not be determined. |
• |
If the Nmap checkmark is present, but the Operating System is unknown, the most likely cause is a firewall that is blocking the ports that Nmap is using to determine what OS is running on the device. |
For example, if you scan using only UDP ports 7 and 161, the device appears online with the Nmap checkmark displayed. However, the Operating System appears unknown, because UDP ports alone are not sufficient to determine what OS is running on the device.
If you want to add an Nmap Discovery Schedule, there are several issues to consider. See Things to take into consideration with Nmap discovery.
1. |
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
b. |
c. |
2. |
◦ |
◦ |
◦ |
◦ |
External Integration [KACE Cloud Mobile Device Manager, G Suite, Workspace ONE]. KACE Cloud Mobile Device Manager, G Suite, and Workspace ONE discovery options appear. |
◦ |
Authenticated [WinRM, SNMP, SSH, VMware, Hyper-V]. DNS Lookup, Relay, WinRM, Hyper-V, VMM, SNMP, SSH, and VMware discovery options appear. |
◦ |
◦ |
3. |
4. |
In the IP Address Range field, enter an IP address range to scan. Use hyphens to specify individual IP address class ranges. For example, type 192.168.2-5.1-200 to scan for all IP addresses between 192.168.2-5.1 and 192.168.2-5.200, inclusive. |
5. |
The hostname or IP address of the name server. | ||||||||
Specify the device that you want to use as a relay for agentless device inventory. Selected relay devices are listed on the following pages:
| ||||||||
Enable a port scan using UDP (User Datagram Protocol). Use a comma to separate each port number. | ||||||||
Enable the appliance to use a secure port for LDAP communication. | ||||||||
The username of the administrator account on the Active Directory server. For example, username@example.com. | ||||||||
The password of the administrator account on the Active Directory server. | ||||||||
The name of the tenant on the KACE Cloud MDM associated with the devices that you want to manage. | ||||||||
The details of the account that is used to connect to the KACE Cloud MDM device. Select an existing credential from the drop-down list, or select Add new credential to add a new credential, as required. For more information, see Add and edit Secret Key credentials. | ||||||||
If selected, all mobile devices discovered in the next scan are added to inventory. | ||||||||
If selected, any Chrome devices will be discovered in the next scan. | ||||||||
If selected, any G Suite mobile devices will be discovered in the next scan. | ||||||||
The details of the account that is used to connect to the Chrome device. Select an existing credential from the drop-down list, or select Add new credential to add a new credential, as required. The selected credential must have an approval code that can be associated with the appropriate device type. For example, if you want to discover G Suite mobile devices, you cannot use a credential whose approval code is generated for Chrome devices. For more information, see Add and edit Google Workspace credentials. | ||||||||
If selected, all Chrome and mobile devices discovered in the next scan are added to inventory. | ||||||||
The details of the service account required to connect to the device and run commands. Select an existing credential from the drop-down list, or select Add new credential to add a new credential, as required. | ||||||||
If selected, all Workspace ONE devices discovered in the next scan are added to inventory. | ||||||||
The time, in seconds, up to 1 minute, after which the connection is closed if there is no activity. | ||||||||
If selected, the appliance imports a Microsoft Hyper-V or System Center Virtual Machine Manager infrastructure using agentless management. For more information about this feature, see Add a Discovery Schedule for a Microsoft Hyper-V or System Center Virtual Machine Manager. | ||||||||
The details of the service account required to connect to the device and run commands. Select an existing credential from the drop-down list, or select Add new credential to add a new credential, as required. | ||||||||
SNMP (Simple Network Management Protocol) is a protocol for monitoring managed devices on a network. | ||||||||
| ||||||||
The time, in seconds, after which the scan ends if no response is returned. | ||||||||
The details of the SNMP v1/v2 credentials required to connect to the device and run commands. Select an existing credential from the drop-down list, or select Add new credential to add a new credential, as required. | ||||||||
The details of the SNMP v3 credentials required to connect to the device and run commands. Select an existing credential from the drop-down list, or select Add new credential to add a new credential, as required. | ||||||||
Use the SSH protocol with authentication. | ||||||||
The time, up to 5 minutes, after which the connection is closed if there is no activity. | ||||||||
Enable the SSH2 protocol for connecting to and communicating with devices. Use SSH2 if you want device communications to be more secure (recommended). | ||||||||
The details of the service account required to connect to the device and run commands. Select an existing credential from the drop-down list, or select Add new credential to add a new credential, as required. | ||||||||
The time after which the scan ends if no response is returned. | ||||||||
The details of the service account required to connect to the device and run commands. Select an existing credential from the drop-down list, or select Add new credential to add a new credential, as required. | ||||||||
| ||||||||
The time after which the scan ends if no response is returned. | ||||||||
If you select this option, Quest recommends that you set the Timeout value to 10 minutes to decrease the likelihood of erroneous results. Do not combine this scan with the Fast Scan option. Doing so results in only 100 commonly used ports being scanned. | ||||||||
If you select this option, Quest recommends that you set the Timeout value to 30 minutes to decrease the likelihood of erroneous results. Do not combine this scan with the Fast Scan option. Doing so results in only 100 commonly used ports being scanned. If this option is cleared, the appliance does not scan ports using UDP. |
6. |
Optional: Enter an email address for being notified of when the discovery scan completes. The email includes the name of the discovery schedule. |
Run in combination with an event rather than on a specific date or at a specific time. | |||||||||||
Every n hours |
|||||||||||
Run daily at a specified time, or run on a designated day of the week at a specified time. | |||||||||||
Run on the nth of every month/specific month at HH:MM |
Run on the same day every month, or a specific month, at the specified time. | ||||||||||
Run on the nth weekday of every month/specific month at HH:MM |
Run on the specific weekday of every month, or a specific month, at the specified time. | ||||||||||
Run according to a custom schedule. Use standard 5-field cron format (extended cron format is not supported): Use the following when specifying values:
| |||||||||||
Click to view the task schedule. The Task Schedule dialog box displays a list of scheduled tasks. Click a task to review the task details. For more information, see View task schedules. |
8. |
To improve the speed and accuracy of Nmap discovery:
• |
Avoid using DNS Lookup. DNS Lookup can slow down scan times by up to 500 percent if you specify an invalid or unreachable IP address for the DNS. |
• |
Run one discovery type at a time. Although it is possible to run multiple discovery types simultaneously, doing so can extend the length of a run and can cause erratic OS detection results. |
• |
Select Nmap Operating System Detection (Best Guess) if you are unsure what to run. This selection can give you a reasonable view into your subnet or subnets. At a minimum, using Best Guess can identify what OSs are on what devices. If you do not get the expected results, for example if some devices appear with unknown as the Operating System, try increasing the timeout value and rerunning the discovery. |
• |
Discovery does not work correctly through a VPN. Use another source for access to the devices. |
If you know that there are devices that should be reported, but are not, they are either:
If the Operating System appears as unknown in the Discovery Results list page:
• |
Check to see if the Nmap checkmark is present in the Nmap column. If not, the device was offline during the scan, and the operating system could not be determined. |
• |
If the Nmap checkmark is present, but the Operating System is unknown, the most likely cause is a firewall that is blocking the ports that Nmap is using to determine what OS is running on the device. |
For example, if you scan using only UDP ports 7 and 161, the device appears online with the Nmap checkmark displayed. However, the Operating System appears unknown, because UDP ports alone are not sufficient to determine what OS is running on the device.
1. |
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
b. |
c. |
2. |
◦ |
◦ |
Authenticated [WinRM, SNMP, SSH, VMware, Hyper-V]. DNS Lookup, Relay, WinRM, Hyper-V, VMM, SNMP, SSH, and VMware discovery options appear. |
3. |
4. |
◦ |
If you select the Active Directory Discovery Type, enter the IP address of the Active Directory server to be scanned. |
5. |
The hostname or IP address of the name server. | ||||||||
Specify the device that you want to use as a relay for agentless device inventory. Selected relay devices are listed on the following pages:
| ||||||||
Enable the appliance to use a secure port for LDAP communication. | ||||||||
The username of the administrator account on the Active Directory server. For example, username@example.com. | ||||||||
The password of the administrator account on the Active Directory server. | ||||||||
The time, in seconds, up to 1 minute, after which the connection is closed if there is no activity. | ||||||||
This field is only used if you want to monitor a a Microsoft Hyper-V or System Center Virtual Machine Manager infrastructure. Ensure this option is cleared. For more information about this feature, see Add a Discovery Schedule for a Microsoft Hyper-V or System Center Virtual Machine Manager. | ||||||||
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. | ||||||||
Use the SSH protocol with authentication. | ||||||||
The time, up to 5 minutes, after which the connection is closed if there is no activity. | ||||||||
Enable the SSH2 protocol for connecting to and communicating with devices. Use SSH2 if you want device communications to be more secure (recommended). | ||||||||
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. |
6. |
Optional: Enter an email address for being notified of when the discovery scan completes. The email includes the name of the discovery schedule. |
Run in combination with an event rather than on a specific date or at a specific time. | |||||||||||
Every n hours |
|||||||||||
Run daily at a specified time, or run on a designated day of the week at a specified time. | |||||||||||
Run on the nth of every month/specific month at HH:MM |
Run on the same day every month, or a specific month, at the specified time. | ||||||||||
Run on the nth weekday of every month/specific month at HH:MM |
Run on the specific weekday of every month, or a specific month, at the specified time. | ||||||||||
Run according to a custom schedule. Use standard 5-field cron format (extended cron format is not supported): Use the following when specifying values:
| |||||||||||
Click to view the task schedule. The Task Schedule dialog box displays a list of scheduled tasks. Click a task to review the task details. For more information, see View task schedules. |
8. |
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center