• |
• |
Thorough Discovery: You can use this type of discovery to get more device information than what is available from the "what and where" type. See Add a Discovery Schedule for a thorough scan of managed Windows, Mac, Linux, and UNIX computers. |
• |
Third-party Discovery: A different type of thorough discovery that is aimed at certain computer devices that are not Windows-, Mac Os X-, or Linux-based. See Add a Discovery Schedule for a G Suite device and Add a Discovery Schedule for a Dell Mobility Management (DMM) device. |
If you want to add an Nmap Discovery Schedule, there are several issues to consider. See Things to take into consideration with Nmap discovery.
1. |
a. |
Log in to the K1000 Administrator Console, http://K1000_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
b. |
c. |
2. |
◦ |
◦ |
◦ |
◦ |
External Integration [G Suite, Dell Mobility Management, AirWatch]. G Suite, Dell Mobility Management, and AirWatch discovery options appear. |
◦ |
Authenticated (WinRM, SNMP, SSH/Telnet). DNS Lookup, WinRM, SNMP, and SSH/Telnet discovery options appear. |
◦ |
◦ |
3. |
4. |
In the IP Address Range field, enter an IP address range to scan. Use hyphens to specify individual IP address class ranges. For example, type 1-255 in the right-most box to scan for all IP addresses between 1 and 255 inclusive. |
5. |
6. |
Optional: Enter an email address for being notified of when the discovery scan completes. The email includes the name of the discovery schedule. |
Run in combination with an event rather than on a specific date or at a specific time. | |
Every n minutes/hours |
|
Run daily at a specified time, or run on a designated day of the week at a specified time. | |
On the nth of every month/specific month at HH:MM |
Run on the same day every month, or a specific month, at the specified time. |
8. |
To improve the speed and accuracy of Nmap discovery:
• |
Avoid using DNS Lookup. DNS Lookup can slow down scan times by up to 500 percent if you specify an invalid or unreachable IP address for the DNS. |
• |
Run one discovery type at a time. Although it is possible to run multiple discovery types simultaneously, doing so can extend the length of a run and can cause erratic OS detection results. |
• |
Select Nmap Operating System Detection (Best Guess) if you are unsure what to run. This selection can give you a reasonable view into your subnet or subnets. At a minimum, using Best Guess can identify what OSs are on what devices. If you do not get the expected results, for example if some devices appear with unknown as the Operating System, try increasing the timeout value and rerunning the discovery. |
• |
Discovery does not work correctly through a VPN. Use another source for access to the devices. |
If you know that there are devices that should be reported, but are not, they are either:
If the Operating System appears as unknown in the Discovery Results list page:
• |
Check to see if the Nmap checkmark is present in the Nmap column. If not, the device was offline during the scan, and the operating system could not be determined. |
• |
If the Nmap checkmark is present, but the Operating System is unknown, the most likely cause is a firewall that is blocking the ports that Nmap is using to determine what OS is running on the device. |
For example, if you scan using only UDP ports 7 and 161, the device appears online with the Nmap checkmark displayed. However, the Operating System appears unknown, because UDP ports alone are not sufficient to determine what OS is running on the device.
If you want to add an Nmap Discovery Schedule, there are several issues to consider. See Things to take into consideration with Nmap discovery.
1. |
a. |
Log in to the K1000 Administrator Console, http://K1000_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
b. |
c. |
2. |
◦ |
◦ |
◦ |
◦ |
External Integration [G Suite, Dell Mobility Management, AirWatch]. G Suite, Dell Mobility Management, and AirWatch discovery options appear. |
◦ |
Authenticated (WinRM, SNMP, SSH/Telnet). DNS Lookup, WinRM, SNMP, and SSH/Telnet discovery options appear. |
◦ |
◦ |
3. |
4. |
In the IP Address Range field, enter an IP address range to scan. Use hyphens to specify individual IP address class ranges. For example, type 1-255 in the right-most box to scan for all IP addresses between 1 and 255 inclusive. |
5. |
Enable a port scan using UDP (User Datagram Protocol). Use a comma to separate each port number. | ||||
The username of the administrator account on the Active Directory server. For example, username@example.com. | ||||
The password of the administrator account on the Active Directory server. | ||||
If selected, any Chrome devices will be discovered in the next scan. | ||||
If selected, any G Suite mobile devices will be discovered in the next scan. | ||||
The details of the account that is used to connect to the Chrome device. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. For more information, see Add and edit Google OAuth credentials. | ||||
If selected, all Chrome and mobile devices discovered in the next scan are added to inventory. | ||||
Dell Mobility Management (DMM) manages and provides access to smartphones and tablets | ||||
The region of the DMM Service, either US or EMEA. | ||||
The details of the admin account that is used to connect to the DMM Service. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. | ||||
If selected, all DMM devices discovered in the next scan are added to inventory. | ||||
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. | ||||
If selected, all AirWatch devices discovered in the next scan are added to inventory. | ||||
The time, in seconds, up to 1 minute, after which the connection is closed if there is no activity. | ||||
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. | ||||
SNMP (Simple Network Management Protocol) is a protocol for monitoring managed devices on a network. | ||||
| ||||
The time, in seconds, after which the scan ends if no response is returned. | ||||
The details of the SNMP v1/v2 credentials required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. | ||||
The details of the SNMP v3 credentials required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. | ||||
Use SSH or Telnet protocols with authentication. | ||||
The time, up to 5 minutes, after which the connection is closed if there is no activity. | ||||
Enable the SSH2 protocol for connecting to and communicating with devices. Use SSH2 if you want device communications to be more secure (recommended). | ||||
Enable the Telnet protocol for connecting to and communicating with devices. | ||||
| ||||
The time after which the scan ends if no response is returned. | ||||
If you select this option, Quest recommends that you set the Timeout value to 10 minutes to decrease the likelihood of erroneous results. Do not combine this scan with the Fast Scan option. Doing so results in only 100 commonly used ports being scanned. | ||||
If you select this option, Quest recommends that you set the Timeout value to 30 minutes to decrease the likelihood of erroneous results. Do not combine this scan with the Fast Scan option. Doing so results in only 100 commonly used ports being scanned. If this option is cleared, the appliance does not scan ports using UDP. |
6. |
Optional: Enter an email address for being notified of when the discovery scan completes. The email includes the name of the discovery schedule. |
Run in combination with an event rather than on a specific date or at a specific time. | |
Every n minutes/hours |
|
Run daily at a specified time, or run on a designated day of the week at a specified time. | |
On the nth of every month/specific month at HH:MM |
Run on the same day every month, or a specific month, at the specified time. |
8. |
To improve the speed and accuracy of Nmap discovery:
• |
Avoid using DNS Lookup. DNS Lookup can slow down scan times by up to 500 percent if you specify an invalid or unreachable IP address for the DNS. |
• |
Run one discovery type at a time. Although it is possible to run multiple discovery types simultaneously, doing so can extend the length of a run and can cause erratic OS detection results. |
• |
Select Nmap Operating System Detection (Best Guess) if you are unsure what to run. This selection can give you a reasonable view into your subnet or subnets. At a minimum, using Best Guess can identify what OSs are on what devices. If you do not get the expected results, for example if some devices appear with unknown as the Operating System, try increasing the timeout value and rerunning the discovery. |
• |
Discovery does not work correctly through a VPN. Use another source for access to the devices. |
If you know that there are devices that should be reported, but are not, they are either:
If the Operating System appears as unknown in the Discovery Results list page:
• |
Check to see if the Nmap checkmark is present in the Nmap column. If not, the device was offline during the scan, and the operating system could not be determined. |
• |
If the Nmap checkmark is present, but the Operating System is unknown, the most likely cause is a firewall that is blocking the ports that Nmap is using to determine what OS is running on the device. |
For example, if you scan using only UDP ports 7 and 161, the device appears online with the Nmap checkmark displayed. However, the Operating System appears unknown, because UDP ports alone are not sufficient to determine what OS is running on the device.
1. |
a. |
Log in to the K1000 Administrator Console, http://K1000_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
b. |
c. |
2. |
◦ |
◦ |
Authenticated [WinRM, SNMP, SSH/Telnet]. DNS Lookup, WinRM, SSH/Telnet, and SNMP discovery options appear. |
3. |
4. |
◦ |
If you select the Active Directory Discovery Type, enter the IP address of the Active Directory server to be scanned. |
5. |
The username of the administrator account on the Active Directory server. For example, username@example.com. | ||||
The password of the administrator account on the Active Directory server. | ||||
The time, in seconds, up to 1 minute, after which the connection is closed if there is no activity. | ||||
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. | ||||
Use SSH or Telnet protocols with authentication. | ||||
The time, up to 5 minutes, after which the connection is closed if there is no activity. | ||||
Enable the SSH2 protocol for connecting to and communicating with devices. Use SSH2 if you want device communications to be more secure (recommended). | ||||
Enable the Telnet protocol for connecting to and communicating with devices. | ||||
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. |
6. |
Optional: Enter an email address for being notified of when the discovery scan completes. The email includes the name of the discovery schedule. |
Run in combination with an event rather than on a specific date or at a specific time. | |
Every n minutes/hours |
|
Run daily at a specified time, or run on a designated day of the week at a specified time. | |
On the nth of every month/specific month at HH:MM |
Run on the same day every month, or a specific month, at the specified time. |
8. |
© 2021 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy