Why Network Discovery Tools are useless, unless...
Hi folks,
You might be surprised by that title when you know me and what we are doing in JDisc. A vendor for network discovery solutions says that network discovery tools are useless.
Of course, I am not saying that network discovery tools are completely useless, but some crucial features limit the value of network discovery tools when missing. Let's start a fictive journey of an IT admin introducing a network discovery software.
Peter, the IT admin of a medium-sized company with 5000 seats, wants to introduce a network discovery tool to improve the IT asset management database and IT support effectiveness and identify issues regarding network security by identifying shadow IT or outdated operating systems and software.
After searching the web for some, he finds several solutions and tests them within one of his test networks. One of the solutions seems to be a good fit, and he orders the software.
First claim:?Testing the software within a limited network range is insufficient. You should always test a network discovery solution in your whole environment to see whether it scales and can deal with all kind devices on your network.
Now, the network discovery solution is installed on our of Peter's servers. The initial configuration is done quickly and the first scan is started.
After installing the software on one of his servers, Peter performs the initial configuration and kicks off the first scan. After a while, the first scan finished, and we scanned 4732 laptops and 143 Windows servers running on VMware or physical hardware.
How Complete is your Discovery?
Proudly, he presents the data to his manager. The manager has one question: "Did we get all Laptops and Servers from Active Directory?". Peter was not prepared to that question and tried to find out whether he got all devices from AD. Unfortunately, the solution did not offer any help on that and he had to write scripts to compare the scan database with AD.
Second claim: Network discovery tools are useless when they don't offer any capabilities to judge the completeness of the discovered data. Or at least an indication of whether you have 60%, 70%, or 90% of the devices in your database.
For example, JDisc Discovery provides a report comparing the number of devices registered in AD with the number of scanned devices. For instance, for our test domain "JDISCLAPS.LOCAL", we scanned 0 computers out of 1 that is registered!
How current is your Data?
Peter configured the solution to scan the network on a regular base. However, some laptops are not always reachable, so we don't have any current data from the devices. Peter detects this issue while troubleshooting the data for a laptop with a software problem. The scanned data is four weeks old and not current. It does not help to troubleshoot the issue.
Now, he asks himself how many other laptops face similar issues.
Third claim: network discovery tools are useless when you are not able to get a quick impression on how current your data is. Working with outdated and obsolete data is useless.
Therefore easy reporting about the age of the information is crucial.
What's your Data Quality?
When scanning large environments, knowing the overall data quality can be difficult. Peter detected that some of his Windows computers did not include all hardware and software details due to firewall or access credential issues.
Now, he questions himself. What is the overall data quality of my Windows computers? How many other Windows computers face similar issues?
领英推è
Fourth claim: network discovery tools are useless when you don't have an easy way to get data about your data quality. Did you get all the data that you are supposed to get? If not, how many devices are affected?
JDisc Discovery provides a special report that indicates the data quality for different operating systems like Windows, Unix, or Linux.
How easily can you troubleshoot Discovery Issues?
Peter's manager was on the golf course and talked to one of his peers in another company. His peer talked about an Oracle license audit they had in their company and how badly prepared his company was.
Of course, Peter's manager wanted to avoid running into the same issue and asked Peter to prepare a list of all Oracle database servers to prepare for a possible audit.
Peter ran a report in his discovery tool, but he felt the number of Oracle installations was lower than expected. So he made some checks, and he found a Linux server within the development department that he knows has Oracle installed. However, the discovery solution did not detect the installation. Now, the question is why?
Claim five: network discovery tools without any troubleshooting capabilities are useless. Having no troubleshooting possibilities makes it nearly impossible to identify the root cause for a data collection issue.
JDisc Discovery offers two levels of details. The high level overview lists all network protocols together with its status. For instance, when you scan a Linux computer via SSH and the SSH status is Port not reachable, then you know that either the SSH daemon is not running or a firewall blocks the port.
In many cases, you need a deeper investigation into what happened during the scan. For this purpose, JDisc Discovery offers a very detailed discovery log. It logs any discovery activity on the device down to the command line tools called from the Linux shell.
This log can either be useful for customers using our software or will also be part of a so-called Support ZIP that customers can submit to our support to investigate issues. In many cases, the log, together with the application logs, is sufficient for our development team to identify the root cause of a failure.
And of course it is essential, that the solution vendor has quick release cycles to make enhancements, fixes, and changes quickly available to users.
Some final words...
Feel free to also browse our JDisc Discovery blog on https://jdisc.com/jdisc-blog.
And of course everybody is invited to try our software! You find a free trial on https://jdisc.com/downloads/download-professional-edition/
I hope you liked my article, and I am looking forward to your insights, responses, and ideas...
See you
Thomas