Understanding BMC Atrium Discovery
This section is intended for IT operations staff and managers who are new to BMC Atrium Discovery and need an initial orientation. It gives a brief overview of the following topics:
Goals and benefits
The ultimate goal of BMC Atrium Discovery is to identify systems in the network and obtain relevant information from them as quickly as possible and with the lowest impact, using a variety of different tools and techniques to communicate.
Use of BMC Atrium Discovery in your organization gives you an insight into the elements that build up your IT infrastructure. This is helpful when you are following the ITIL best practices and enables you to keep the configuration and asset database up to date as well as verify compliance of your network, hardware and/or software configuration to the uniform organization-wide golden standard.
For additional terms and definitions, see the Glossary.
The discovery process
BMC Atrium Discovery attempts to discover whatever device is at each IP address or endpoint. For each endpoint, it follows the following procedure. The first check is to see whether it is permitted to scan the endpoint. If not, not further action is taken. If scanning is permitted, discovery checks for cached data for that IP address. If no cached data is found, then it checks for a previously successful login method, for example, an ssh login, Windows Proxy, or SNMP access, and uses that method to log in again and run discovery commands. If none of this is successful, BMC Atrium Discovery performs an access method port scan. If there is no response, the IP address is considered dark space and no further discovery is attempted. For an in-depth description of dark space scanning, see Dark space scanning.
If there is a response, that is, there is a device at that endpoint, BMC Atrium Discovery attempts the following access methods, in sequence until one is successful:
- Attempt to login (using shell first, and then using Windows proxy if shell is unsuccessful) and run discovery commands if suitable credentials or an Active Directory Windows proxy are available.
- Perform SNMP get.
- Connect using telnet to read the banner.
- Connect to the z/OS Host Server port.
- Perform an HTTP HEAD request on the host.
- Connect using ftp to read the banner.
- Match open ports (IP fingerprint) to predict a class of OS.
BMC Atrium Discovery is likely to be able to identify the OS and version without requiring all of the steps described previously. After it has discovered sufficient information, the discovery service stops working on that IP address and moves on to the next address in the queue.
Any device that BMC Atrium Discovery cannot log into is identified only by the results obtained from reverse DNS lookup, telnet, SNMP requests, and IP fingerprinting (where enabled). Hosts and mainframe computer nodes are created only after a successful login. Network device nodes are created after a successful SNMP access.
BMC Atrium Discovery stores and supports all character data as UTF-8, but does not support direct discovery of data outside the basic ASCII character set. If such data is discovered, BMC Atrium Discovery is unable to map it to UTF-8 and invalid characters are introduced into the discovery data. Windows proxies do attempt some conversion of this data.