Configuring Direct Network Scan Audit Sources
You configure a Direct Network Scan Audit Source when you create a new Site, or create or modify an Audit Source within an existing Site. Before configuring a Direct Network Scan Audit Source, make sure you have configured a proper Audit Profile.
To create a Direct Network Scan Audit Source:
-
In the Sidebar, right-click the Site where you want to create the audit source and select Properties from the pop-up menu.
-
Under Audit Sources, click New > Direct Network Scan.
-
Fill out the source details in the Direct Network Scan Audit Source [Source Name ] window.
-
Click OK.
To edit the properties of an existing Direct Network Scan Audit Source, do the following:
-
Open the Site, to which the source belongs, by right-clicking the Site in the Sidebar and selecting Properties from the pop-up menu.
-
Double-click the source under Audit Sources.
-
Modify the source as needed in the Direct Network Scan Audit Source [Source Name] window.
-
Click OK.
Direct Network Scan Audit Source [Source Name ] window
The properties of Direct Network Scan Audit Source are shown in the Direct Network Scan Audit Source [Source Name ] window where they are organized on the following tabs: General and Options.
General tab
Here you can review and modify the basic properties of a Direct Network Scan Audit Source.
Site Tag - displays the tag of the Site to which the Audit Source belongs. You can not edit this field.
Name - shows the name of the source as it appears in the Audit Sources section of the corresponding Site's window.
Audit Scope - allows you to configure the scope of your network to audit. The scope can consist of one or several network segments. To add a network segment to the audit scope, click New and select a desired network segment form the list:
-
Domain - allows you to audit the computers within an entire Windows Domain (for details, see Select Domain window).
-
Organizational Unit - allows you to audit a chosen container from the Active Directory of your Windows Domain. To select a container, in the Browse for Container window, choose the desired one, and click OK. The LDAP path to the Active Directory container (such as LDAP://CN=Users,DC=toronto,DC=zeus,DC=com) appears in the Audit Scope section.
-
Computer - allows you to audit a single computer by its name (for details, see Select Computer window).
-
IP Address - allows you to audit a single computer by its IP address (for details, see Select IP Address window).
-
IP Address Range - allows you to audit a range of computers within a specified IP address range (for details, see Select IP Address Range window).
Credentials section - choose the accounts to be used for the Direct Network Scan of computers and discovering network devices in this source. The section includes the following fields and controls:
-
Windows - select the credentials to audit Windows computers in the audit source. The account that you assign for auditing Windows computers must be a member of the local Administrators group on each Windows client machine (either directly or through the membership in a Windows domain group). You can choose the credentials either in the drop-down list or in the Select Audit Credentials window that opens on clicking the ellipsis button . To edit the credentials, click the ellipsis button , select the credentials to edit in the list, click Edit, edit the credentials as needed, and click OK. To create a new credentials set, click the ellipsis button , click New, define the credentials, and click OK.
-
Linux and Mac - select the credentials to audit Linux and Mac computers in the audit source. You must assign the credentials that allow logging on to these computers. It is recommended that you use credentials of an account with administrative privileges. You can choose the credentials either in the drop-down list or in the Select Audit Credentials window that opens on clicking the ellipsis button . To edit the credentials, click the ellipsis button , select the credentials to edit in the list, click Edit, edit the credentials as needed, and click OK. To create a new credentials set, click the ellipsis button , click New, define the credentials, and click OK.
-
ESXi/vSphere/Citrix - select the credentials to audit ESXi/vSphere and Citrix hypervisors in the audit source. You must assign the credentials that allow logging on to these computers. It is recommended that you use credentials of an account with administrative privileges. For Citrix hypervisors, audit credentials must allow logging to the computers using the SSH protocol. You can choose the credentials either in the drop-down list or in the Select Audit Credentials window that opens on clicking the ellipsis button . To edit the credentials, click the ellipsis button , select the credentials to edit in the list, click Edit, edit the credentials as needed, and click OK. To create a new credentials set, click the ellipsis button , click New, define the credentials, and click OK.
-
SNMP - select the credentials to access SNMP data on network devices being discovered. You can choose the credentials either in the drop-down list or in the Select Audit Credentials window that opens on clicking the ellipsis button . To edit the credentials, click the ellipsis button , select the credentials to edit in the list, click Edit, edit the credentials as needed, and click OK. To create a new credentials set, click the ellipsis button , click New, define the credentials, and click OK.
NOTE: Alloy Discovery supports SNMPv1, SNMPv2c, and SNMPv3 versions.
Audit Profile - allows you to choose the Audit Profile to use. You can choose the audit profile either in the drop-down list or in the Select Audit Profile window that opens on clicking the ellipsis button . To edit the audit profile, click the ellipsis button , select the audit profile to edit in the list, click Edit, edit the profile as needed, and click OK. To create a new audit profile, click the ellipsis button , click New, define the profile, and click OK.
Schedule and Start at - allows you to configure the schedule for auditing the source automatically.
Use separate schedule for software and file scan (optional) - when clear, Alloy Discovery scans computers’ hard drives each time the source is audited. When the check box is selected, you can set a separate schedule for scanning computers’ hard drives.
NOTE: Separate scheduling for the file scan is available if only the current Audit Profile has the File Scan option enabled or its Software Discovery option is set to Discover installed software and recognize software in files. For details, see Software Discovery, File Scan.
Options tab
On this tab, you can modify the method for discovering new computers and devices in the source.
-
Discovering - define the options for discovering IP addresses:
-
Discover only computers and devices that respond to ping requests - when selected, defines to discover only nodes that are available on the network.
-
Connection timeout - allows you to enter the maximum amount of time in milliseconds that will be used to establish connection with the target computer or device. If Alloy Discovery is unable to establish connection with a particular computer within the specified interval, that computer will be considered unavailable. Applicable to the IP Address Ranges only.
-
Enable SNMP discovery - when selected, enables discovery using SNMP in a Direct Network Scan Audit Source.