The following topics are provided:
Features and options
The following are the frequently asked questions (FAQs) about discovery features and options in
BMC Helix Remedyforce:
Agentless discovery is included in the
BMC Helix Remedyforcelicense at no additional cost. You get the ability to natively and intuitively configure and populate the Remedyforce CMDB in few, easy steps.
With the agentless discovery, you install agents (or scanners) on at least one device in your network. These devices (based on the configurations that you set) scan your network for devices and send the scanned devices information to the Remedyforce CMDB.
Agentless discovery does not require an agent on each device. Both discovery options provide device details. The following table lists the additional capabilities provided by agent discovery:
|Capability||Agentless discovery||Agent discovery|
|Access to device details|
BMC Remedyforce Agentless Discovery empowers you to scan, identify, and manage devices on your network. With a simple and intuitive interface, setup is quick and easy. Once enabled and configured, your Remedyforce CMDB is populated with a wealth of device information including hardware configurations and software installations. The benefits of direct access to this information include:
- Proactive management by automating discovery to know what is available in your network
- Empower the support team
- Increase first call resolution rates
- Reduce support call times
Yes, to perform the agentless discovery, at least one scanner must be installed.
You can continue using your existing discovery tool.
Note: To avoid possible record duplication, ensure that there is no overlap across the multiple discovery tools, discovering the same IP addresses.
Remedyforce Client Management is an extension of the agentless discovery capabilities provided with
BMC Helix Remedyforcestarting with the Summer 16 release. Remedyforce Client Management provides a range of advanced capabilities empowering you to more efficiently and proactively manage and support your devices.
The capabilities include agent discovery, remote management, hardware and software compliance, software normalization, patch management and deployment management. In addition to these capabilities, the solution delivers “advanced actions” while empowering you to define rules and actions to ultimately become more proactive and reduce the number of support calls. For example, you could define an advanced action to monitor drive space and either automatically create an incident when a device hits a certain threshold or perform an action (for example, disk cleanup) to free up additional drive space.
The BMC Remedyforce Client Management application server, also known as the Master server, is hosted as a unique instance in a server pool and has a single associated database instance that is used to store various data constructs. The Java based BMC Client Management administration console and devices under BMC Client Management connect to the application server through its public DNS name. This configuration allows administration of any child devices that have an active Internet connection.
In addition, an on premise site relay can be optionally implemented as a local parent for up to 2000 site clients to reduce the amount of Internet traffic generated between the site and the hosted application server.
Multiple licenses are available to enable discovery in
BMC Helix Remedyforce. The agentless discovery is free. For more information, see Supported discovery licenses and features .
An on premise device behind an unmanaged firewall that can connect to a public Internet IP address and port will create a managed network tunnel used by only the client executable. The client maintained network tunnel allows for bi-directional traffic between the on premise client and the public facing hosted application server.
BMC Remedyforce Client Management can manage several hundred thousand client workstations. The hosted application server (or the Master Server) can manage up to 5,000 simultaneous client connections. Each client can be either a standalone workstation or a dedicated on premise site relay. Each site relay can manage up to 2,000 client workstations using a parent–child hierarchy.
Consider the following points while deciding an option suitable for you:
- The new integration for the discovery feature replaces Pentaho with web services. As a result, no on premise component is required for the integration.
- Currently, you cannot modify the mappings between discovery and Remedyforce, which is an option with Pentaho.
BMC Remedyforce discovery and BMC Discovery provide agentless discovery, however, BMC Remedyforce Client Management provides a number of capabilities, such as software identification, metering, and compliance. BMC Discovery focuses on the datacenter, providing more in-depth discovery for specific datacenter environments. The following table highlights the primary differences:
|Feature||Remedyforce Client Management||BMC Discovery|
|Device Scan for installed software|
|Discovery of hardware details, such as memory, processor, BIOS information|
|Discovery of operating system and details|
|Automatic Network Device – Computer Relationships|
|Discovery of Network Interface MAC Addresses|
|Scheduled Discovery Scans|
|Discovery of Load Balancer Devices|
|Virtual Host to Guest Relationships||-|
|Software Catalog (Desktop Software)||-|
|Software License Management||-|
|Ability to create and manage dynamic device groups||-|
|Ability to dynamically discover AD computers||-|
|Deep discovery of application details such as websites and internal databases||-|
|Discovery of Fiber Channel HBA Cards||-|
|Discovery of Host Containers, Blade Enclosure||-|
|Discovery of Listening Ports||-|
|Discovery of Load Balancer Services, Pools, Members, and Instances||-|
|Discovery of Observed Communication between Devices||-|
|Extended Discovery to Perform additional commands and read configuration files||-|
|Network Device Port and Speed Mismatch||-|
|Port Speed and Duplex information for all Network Interfaces||-|
|Software Catalog (Enterprise Server Software)||-|
|Data Provenance for Ready Data Validation||-|
|Business Application Modeling||-|
|File System to Storage Volume Relationships||-|
|Host to Load Balancer Relationships||-|
|Server to Cluster Relationships||-|
|Server to Server Dependency Relationships||-|
|Server to Storage Dependency Relationships||-|
|Software to Software Communication Relationships||-|
Yes. Once devices are saved as configuration items (CIs) or assets in
BMC Helix Remedyforceand shown in the Remedyforce CMDB tab, you can apply normalization rules and models on these devices. If an import updates an existing device, you must reapply the normalization rules and perform the model synchronization.
If an update to existing device is imported, you must reapply normalization rules and models.
No. If you have enabled integration with BMC Client Management OnPremise 11.0 (its patches or earlier), you will not get the option to enable BMC Remedyforce Discovery.
- Request the Remedyforce Discovery Server on the Remedyforce Administration > Configure CMDB 2.0 > Discovery Setup & Configuration page.
- Contact your BMC representative.
Passwords are encrypted along with the data as it uses HTTPS when transferred.
No, Proxy gateways are not supported.
For Discovery, firewalls can be configured for the scanner access to be restricted to the OnDemand server or port.
For compliance and patch management (Premium and Premium Plus offerings), more access is needed to download updates from BMC and vendors. These do support proxy gateways.
Two-factor authentication is not applicable in this architecture as the passing of data is automated. Two-factor authentication involves human intervention. If security is a concern, refer to the other FAQs that provide details for a secure approach.
The following are the FAQs about configuring Discovery.
You must install at least one scanner at each physical location behind your corporate firewall. The scanner scans 10 devices simultaneously. Each scan of 10 devices takes approximately 20 seconds.
There are two primary scanning phases. The first phase is an initial scan to identify a device (for example, device name, IP address, device type). No credentials are required to perform this scan.
The second phase is the inventory scan. This scan fetches more details from the device including hardware configuration and software installed. At least read only credentials are required to perform the inventory scan.
The amount of concurrent threads is configurable for each scanner. The default is 10 at a time. If you are doing a lightweight discovery, it is very fast (approximately 5 seconds per device). If you are performing a full discovery including both Hardware and Software Inventory information, it could take anywhere from 30 seconds to 2 minutes per device.
The impact to the network is very little because the inventory details packets are small (approximately 300 KB).
The discovery and inventory data is stored in the BMC Amsterdam datacenter, where once aggregated, it is passed to your Remedyforce CMDB.
Industry standard PKI encryption technology is implemented to transmit data both from your on premise scanner to your BMC Remedyforce Discovery Server, and again from your hosted Discovery Server into your Remedyforce CMDB. This encryption technology is based on SSL/TLS encryption standards as detailed in the following IETF documents:
- RFC 5280 implementation handles the certificate and trust process
- RFC 5246 implementation handles the encryption and cypher negotiation
The hosted application server uses a range of 10 TCP allocated during the server provisioning process. The hosted application server port ranges are static and cannot be altered.
For premium licenses, ports 1610 and 1611 ports are required.
To avoid record duplication, it is recommended that you enable and configure the CMDB reconciliation feature. Through the CMDB reconciliation feature, you can define rules that ensure uniqueness of records for a particular class. If you do not enable and configure the CMDB reconciliation feature, the Assembly ID field determines the uniqueness of records. The Assembly ID field contains a system-generated value from the discovery source. As a result, there is a risk of duplicate values when you are also importing records from other sources, such as other discovery tools and manual entry, because these sources do not share the same unique values.
To avoid the risk of duplicate records with Remedyforce discovery in case you do not enable and configure the CMDB reconciliation feature, check for the following conditions with your discovered records:
- These records do not already exist in your Remedyforce CMDB.
- These records are not discovered and imported from other discovery sources.
- These records are not manually created.
If any of these conditions exist, then analyze and clean up your data to remove any duplicate records.
All discovered devices are stored in the Computer System class. If you select other classes (Operating System, LAN Endpoint, and Processor), additional records are created in these classes and relationships to the corresponding devices in the Computer System class are also created.
No, the Remedyforce Agentless Discovery and Client Management capabilities leverage web services to replace the need to install and configure Pentaho or any other third-party tool.
Note: If you need to modify the field mappings, consider the older integration with BMC Client Management.
You can view the operating system, hardware configurations, and software inventory of the discovered devices.
Staff members can run all CMDB actions , operational rules, and other enhanced capabilities that are entitled to you by your license. Also, you must assign correct access permissions and capabilities to the staff members.
You can enable and configure discovery on a sandbox. However, you will have to enable and configure discovery again in your production organization.
It takes some time to show a scanner in the Scanner Details list. Also, the number of scanners allowed depend upon the Remedyforce discovery license that you choose. If a device is not displayed in the Scanner Details list, verify the number of scanners allowed with your license and match it with the number of scanners displayed in the Scanner Details list. For more information, see the Scanner Roll-out tab on the Discovery Setup & Configuration page and Supported discovery licenses and features .
After your Discovery Server is created successfully, the following links are displayed below the Enable Remedyforce Discovery check box - Change Password and Reset Password. You can use these links to update your Discovery Server password.
Ensure that you are entering correct Remedyforce Discovery Server credentials.
Use your Remedyforce Discovery Server credentials.
Enter the administrator credentials to access the devices that you want to discover.
No, you must enter only those credentials that are necessary for the protocols and devices that you want to scan.
If you do not enter credentials for all the selected protocols, only the devices that do not require access credentials are discovered. Devices protected with password are not discovered.