Step 1: Discovery
Discovery is the act of interrogating TCP/IP networks to identify network-attached physical and virtualized platforms upon which software executes.
Discover all platforms across the network and categorize these into those which have the potential to run Enterprise Software (i.e Oracle) and those which do not with minimal impact.
This is to ascertain potential financial exposure from licensing requirements.
Discovery - The questions you need to ask yourself
- What tools do you use to monitor your environment?
- Are there platforms for which you don’t have discovery? (MAC, Virtual, Cloud, UNIX/Linux)
- What percentage of your estate is covered by discovery tools?
- What processes do you have which are fed by discovery data?
Discovery is the process of finding and identifying all platforms on which software resides. This first step is essential in developing a complete Software Asset Management strategy.
As the use of technology has evolved so has the requirement in the inventory of new technologies - often virtual or off network like Software as a service (SAAS), Infrastructure as a service (IAAS) and mobile devices. Organizations will see more of their technologies spent in cloud services and mobile assets. It is specially important as many cloud and mobile technologies are onboarded with little or no involvement of IT which results in lack of visibility making it increasingly difficult for SAM and security teams to fulfill their roles. It is critical to have an internal solution that provides appropriate discovery capabilities for the different technologies used within the environment. Essential for effective SAM is the ability to discover every asset in the estate, that consumes software. A good inventory solution provides complete asset discovery as well as revealing the blind spots in the IT network. This means computers, servers, mobile devices, tablets, all connected network devices like routers printers and firewalls. Many customers invested in these capabilities like SCCM. It is critical that you have 100% visibility into the entire estate.
The Snow Way
With Snow Inventory, Computers and devices can be discovered using LDAP lookups in an Active Directory, or by using the following technologies for network discovery on specific IP address ranges:
- SNMP (SNMPv1)
- ICMP (“ping”)
- TCP/IP fingerprinting
- DNS lookup
- NIC manufacturer lookup.
When TCP/IP fingerprinting is enabled, discovery will attempt to identify the type of OS installed on the device.For details about the discovery criteria and the columns included in each discovery view, see the following tables.
It is also possible to configure the Snow Inventory server to perform an Active Directory discovery using LDAP or secureLDAP for both devices and users. Multiple LDAP paths can be configured (for i.e. different subnetworks).
You can then check the result of there in the built-in report in Snow License Manager named "Discovered assets that are not inventoried". In the column "Source" you will be able to see the origin of the discovered asset.