Help Center
Log in
Log in

How can we help?

Common topics:

AI, Tickets, Agents
Help Center
MSP
IT Department
In this Article:

    Related articles

    1. Atera Support
    2. Library
    3. RMM
    4. RMM FAQs

    Network Discovery FAQ

    Dragos Gabriel Tulbure

    Atera's Network Discovery feature offers a comprehensive security scan and a comprehensive overview of all end-user networks and devices. It continuously updates itself to provide an up-to-date and complete view of the network environment. With the Network Discovery software add-on, you can easily monitor and track all digital assets and open ports within the networks you manage, regardless of network firewalls.

     

    Frequently asked questions

    This section will cover the frequently asked questions regarding Network Discovery.

     

    Q: What is Network Discovery?

    A: Atera's Network Discovery feature is designed to identify and catalog all devices connected to a network, whether they are connected via WiFi or Ethernet. By scanning the entire network, it gathers information about the network components and creates a comprehensive inventory. It continuously updates to provide an up-to-date view of the environment and can surface open ports and detected CVE exposures to help assess security posture.

     

    Q: How much does Network Discovery cost?

    A: Network Discovery is developed in-house by Atera and is included with the Enterprise plan. For other plans, it’s available as an optional paid add-on. For more info, see our pricing page

    A: Network Discovery is developed in-house by Atera and is included with the Superpower plan. For other plans, it’s available as an optional paid add-on. For more info, see our pricing page

     

    Q: How can I activate Network Discovery?

    A: For instructions activating and getting started with Network Discovery, see Activate Network Discovery

     

    Q: How does Network Discovery function?

    A: Network Discovery operates by employing a scanning agent to scan your network.

    Once the scan is completed and devices are detected, you can proceed to install the Atera Agent on detected Windows, macOS, and Linux devices.

    Additionally, you can add SNMP devices (printers, scanners, routers, etc).

     

    Q: Can I install the Atera Agent on all devices detected by Network Discovery?

    A: Yes, it is possible to install the Atera Agent on any Windows device (workstation or server) detected by Network Discovery. It is not possible to install the Atera Agent on macOS or Linux devices through Network Discovery.

     

    Q: How to remove/ delete Network Discovery results/ scans?

    A: At this time, there is no option to permanently delete an entire scan or its results. However, you can mark the scan as Inactive to stop any ongoing or future scans. Once the scan is inactive, you can select all devices associated with that scan and remove them as needed.

     

    Q: Which devices can be used as a scanning agent for Network Discovery?

    A: You can scan networks using a Windows device configured as a domain controller or workgroup scanner. However, it is not possible to run a Network Discovery scan from macOS or Linux devices.

     

    Q: What types of networks are compatible with Network Discovery?

    A: Network Discovery is compatible with both Workgroup and Domain networks. It supports on-premises environments only and does not scan Azure Active Directory instances or other cloud-based networks.

     

    Q: How does the scan for Workgroups work?

    A: Network Discovery uses Nmap to scan your Workgroup network and identify all connected devices.

     

    Q: What is Nmap?

    A: Nmap is a network scanning tool used to discover hosts and services on a computer network. It works by sending packets and analyzing the responses received from the network devices. For more info, see Nmap and Network Discovery

     

    Q: Do I need to manually install Nmap on my scanning agent for it to work?

    A: No, you do not need to manually install Nmap on your scanning agent. When you initiate a network scan using Network Discovery, the installation of Nmap OEM and Npcap OEM will be automatically handled for you. This installation occurs on the scanning agent itself. It's important to note that devices discovered during the Network Discovery scan will not have Nmap or Npcap installed on them.

     

    Q: How does the scan for a Domain network work?

    A: The scan for a Domain network in the Network Discovery feature utilizes a domain controller to identify devices that are part of the domain. Additionally, it identifies devices that are connected to the same network as the domain controller. In addition to the domain-specific scan, Network Discovery also leverages Nmap to find devices that are not part of the domain but are present on the same network as the scanning agent. This comprehensive approach ensures that both domain and non-domain devices are discovered during the scan.

     

    Q: How can I initiate a Network Discovery scan?

    A: To learn how to initiate a Network Discovery scan, please refer to the articles provided below. These resources will provide you with step-by-step instructions on how to perform a Network Discovery scan and make the most out of this feature.

     

    Q: Is it possible to automate scheduled Network Discovery scans?

    A: Yes, you can schedule Network Discovery scans to run on a daily, weekly, or monthly basis.


    Q: Is it feasible to establish multiple schedules for Network Discovery within a single day?

    A: No, Network Discovery scans can be scheduled only once per day, and multiple schedules within a day are not supported. 

     

    Q: What information can I access once the Network Discovery scan is completed?

    A: After completing a Network Discovery scan, you can access the following information about the discovered devices:

    • For Windows, macOS, and Linux devices, the information includes the device name, round-trip time (RTT), device type, IP address, MAC address, manufacturer, operating system (OS) platform, OS information, and OS age.
    • For SNMP devices, the information includes device name, status, device type, IP address, MAC address, manufacturer, device model, serial number, and description.

    For more info, see Network Discovery: Scan results and actions

     

    Q: What actions can I take once the Network Discovery scan is completed?

    A: Once the Network Discovery scan is completed, there are several actions you can take, including:

    • Install the Atera Agent on detected Windows devices
    • Investigate open ports and CVEs
    • View reports on network information
    • Export to Excel for further analysis or documentation

    For more info, see Network Discovery: Scan results and actions

     

    Q: Does Network Discovery provide details about the device's storage?

    A: Yes, Network Discovery provides you with details about the storage of discovered devices (for domain controller scans). These details include the disk type, manufacturer, model, disk usage (in GB) out of the total capacity, disk usage percentage, partitions, media type, interface type, number of bad sectors, disk age, and serial number. This information allows you to have insights into the storage configuration and health of the devices found during the Network Discovery scan. For more info, see Network Discovery: Scan results and actions

     

    Q: Does Network Discovery provide security details about the scanned network?

    A: Yes, Atera's Network Discovery feature offers comprehensive security details about the scanned network. It allows you to scan for open ports on your customers' networks, helping you identify potential security vulnerabilities. Additionally, Network Discovery provides a list of all Common Vulnerabilities and Exposures (CVEs) found on the network, providing valuable insights for assessing and addressing security risks. For more info, see Network Discovery: Security scans

     

    Q: Can I configure alerts for Network Discovery?

    A: Yes, you can set up alerts for various events in Network Discovery. These include newly detected unmonitored workstations, servers, and SNMP devices, scanning agents that have gone offline, scanning agents with changed IP addresses, and common vulnerabilities and exposures (CVEs). For more info, see Network Discovery: Alerts

     

    Q: What settings are necessary for a successful domain scan in Network Discovery?

    A: To ensure a successful domain scan in Network Discovery, there are several network requirements, which are outlined in the following articles:

     

    Q: What subnets are compatible with Network Discovery?

    A: Network Discovery is designed to support network scanning for subnets with a size of /20 and above. However, it does not currently support scanning of subnets with a size of /16. It is important to ensure that the network you plan to scan falls within the supported range of /20 and above to ensure the Network Discovery feature functions optimally.

     

    Q: What domain role is required for the scanning agent to perform a domain scan?

    A: To execute a domain scan successfully, the scanning agent must have the role of Primary Domain Controller (PDC). This role is necessary for the Network Discovery scan to function effectively within the domain network.

     

    Q: What permissions are needed for the domain account used to initiate the Network Discovery scan?

    A: The domain account used for Network Discovery must be a member of the Domain Admins group. This membership is necessary to ensure that the account has the appropriate permissions to perform the network scanning and discovery tasks effectively. For more info, see Network Discovery: Troubleshoot

     

    Q: Does Network Discovery work over a VPN?

    A: No, Network Discovery does not function over a VPN.

     

    Q: Can I run Network Discovery without installing agents on every device?

    A: Yes, only one Windows device needs the Atera agent to act as the scanning agent for the subnet. It inventories all IP-reachable devices (including PLCs, IoT, printers, etc.) via Nmap without installing software on each device.

     

    Q: Why can’t I automatically deploy the Atera agent to all discovered devices?

    A: Automatic deployment is limited to Windows devices. macOS, Linux, and Workgroup devices do not support push install via Network Discovery.

     

    Q: Why isn’t the scan finding any devices?

    A: Ensure the scanning agent and targets are on the same subnet (scans don’t cross VLANs/VPNs), the subnet size is supported (/20 and above; /16 not supported), and local firewall/ACL rules allow discovery traffic.

     

    Q: Can Network Discovery scan devices across VLANs or remote networks?

    A: No. Scans are limited to the local subnet. To discover other segments, deploy additional scanning agents with direct access to those networks.

     

    Q: What alerts and reporting can I expect?

    A: You can configure alerts for:

    • New/unmonitored workstations
    • New/unmonitored SNMP devices
    • Scanning agent offline
    • Scanning agent IP change
    • CVE detection

    Results and inventories can be exported to Excel for analysis.

     

    Q: Can I install agents in bulk or automate agent deployment?

    A: Yes. You can install agents manually or automate it — the Atera Agent can be auto-installed on detected Windows devices, and SNMP devices can be automatically monitored once detected.

     

    Q: Is it possible to remove unused items in the menu next to Network Discovery?

    A: No, it is not currently possible to remove or hide the numbers displayed next to the Network Discovery tab.

     

     

    Copyright © Atera Networks Ltd.2023

    apple store app google play app

    AICPA SOC for Service Organizations and ISO 27001 certified