Network Discovery gives you a complete, birds-eye view of your workgroup and domain controller (DC) networks with detailed information on each device. Identifying and dealing with security vulnerabilities, network slowness, aging OS info (and more!) has never been easier.
This article describes:
Set up a customer scan
Once you've activated Network Discovery, it's time to scan your customer networks.
- You'll need to install the Atera Agent on at least one of your customer's Windows devices to set up the network scan.
- The scanning agent must be online to run the scan. If offline, the scan will run once it comes back online.
- Once a scan is activated, it will begin immediately and run in the background at regular, scheduled intervals.
- The scan will continue to run if the public IP address of the scanning agent changes.
- We recommend scanning your networks with a domain controller. Doing so enables retrieval of maximum network information, plus additional capabilities (such as remote agent installation within Network Discovery). For more information on setting up DC scans, click here
- Network Discovery does not work for cloud environments.
To set up a Network Discovery scan:
1. From Network Discovery (on the sidebar), click Set up scan on the customer you want to scan.
The Scan Settings page appears.
2. Select your customer's public IP(s).
Note: By default, scans will continue to run if the public IP address of the scanning agent changes. There are two benefits to this. The first is that if a scanning agent's IP address changes, it will still scan the network. The second is that even if the scanning agent is physically removed from the network, scans will resume automatically once it's returned.
3. Select the scanning agent(s) for their associated subnets.
Note: You can toggle scanning agents to prevent scanning specific networks.
4. Click Advanced. The Advanced settings appear.
5. Set the scan frequency.
6. Select the Port Range. We recommend selecting the top 100 ports. For more information, see Network Discovery: Security scans
- Top 100 ports: This is the default scan for basic device and OS detection.
- Top 1000 ports: This includes the ‘Top 100 ports’ + 1000 most common ports.
- Custom: This includes the ‘Top 100 ports’ + a custom port range and scan speed.
Note: Selecting 'Custom' will make the scan take longer.
If you've selected 'Custom' Port Range, you can specify the desired range, plus customize the following:
- Scan Speed:
-T1 sneaky: Super slow for IDS evasion.
-T2 polite: Slow for reduced bandwidth/target-machine resource usage.
-T3 normal: Normal speed (the default).
-T4 aggressive: Fast. Assumes the network is reasonably fast and reliable.
-T5 insane: Super fast. Assumes the network is extraordinarily fast, or that you're willing to sacrifice some accuracy for speed.
'TCP' is automatically selected.
Note: ('TCP and UDP' coming soon).
- Scan Speed:
7. Click Start scan.
- If changing preconfigured settings, and you select a domain controller as the scanning agent, you’ll need to enter the credentials when prompted, optionally enable WMI/WinRM, and click Scan.
The scan starts. Check back in a few minutes to see your customer's network devices.
For more information on each tab, see Network Discovery: Scan results and actions
The complete scan results, including the Workstations/Servers, SNMP, and Storage device sections can be exported as an Excel file by clicking the Export XLS button.
Note: If an SNMP device that you want to monitor does not use SNMP v1 and "Public" as the Community String, the device will appear as a Workstation instead of an SNMP device in the Network Discovery scan.
Deactivate a customer scan
To stop a customer's scan from running, click the ‘Active’ pill (next to Scan Settings) and select Inactive.
Note: This is easily reversible. When activating the customer's scan again, the scan will run immediately after and at the defined schedule.