BMC Discovery 11.3
Consult the following table for a list of notices and information about updates to BMC Discovery.
To stay informed of changes to this list, click theicon on the top of this page.
|January 10, 2020||11.3 patch 6|
The 11.3 patch 6 release is available on CentOS 7.
This release also resolves a number of defects.
|December 20, 2019||11.3 patch 6|
The 11.3 patch 6 release is delivered running on Red Hat Enterprise Linux 7 (RHEL 7). It is a separately licensed product intended for customers whose organizations require particular certifications available with RHEL 7, such as Common Criteria Security Certification.
This release also resolves a number of defects.
|May 03, 2019||11.3 patch 5||This release resolves important defects and security vulnerabilities. It also introduces updates to the CyberArk integration, and a feature for restricting the paths on which you can run commands.|
|November 29, 2018||11.3 patch 4||This release resolves an important defect.|
|October 30, 2018||11.3 patch 3||This release resolves a number of defects.|
|July 11, 2018||11.3 patch 2||This release resolves a number of defects.|
|June 22, 2018||11.3 patch 1|
This release resolves a number of defects.
This release also makes changes to the appliance certificates which require some configuration after installation. See Configuring after upgrade for more information.
|March 21, 2018||11.3||For complete information about this release, see the features listed in the following section of this page.|
You can only upgrade to version 11.3 patch 1 from version 10.1 and later. See Upgrading for information on supported upgrade versions.
These Release Notes detail the following information:
- 11.3 Enhancements
- Known and corrected issues
- Important information for users of BMC CMDB
- Supported versions of BMC Discovery
- Limitations and restrictions of this version
Additional permissions required on XML and CSV APIs
or updating group permissions to include the api/access permission
Provides information for security teams with the information required to verify the security of BMC Discovery and enable network administrators to run BMC Discovery in their environment.
Provides information on the products that BMC Discovery can discover and the level of information it can obtain. Configipedia also contains information on monthly TKU updates.
Details of possible problems and how to solve them.
Introduction to the standard pages and methods of navigating the BMC Discovery UI.
Information required to manage and maintain BMC Discovery.
Information for developers describing the TPL and node lifecycle.
Integrations with other products.
This section provide answers to frequently asked questions about BMC Discovery.
Running BMC Discovery has a minimal impact on your environment. The discovery techniques used are non-intrusive, lightweight, and agent-free.
BMC Discovery is IP-based and can discover any host system with an IP connection including servers, workstations, network nodes, printers, wireless access points, and so on. In actuality, though, we aim BMC Discoveryat datacenter discovery, and it is optimized to that purpose. For this reason, we do not explicitly support more client-side items, such as wireless access points, workstations and so on. Any support for those that does exist is a side effect of our support for server-side discovery, and we are unlikely to invest in improving it.
BMC Discovery uses a range of discovery techniques where appropriate. These include:
- Network scanning (looking for services on well-known TCP and UDP ports on IP-reachable machines).
- Remote command execution (looking at specific processes running on each node, querying package managers, and querying established inter-process communications mechanisms).
- SNMP (MIBs provide a rich source of management information).
Obviously, the BMC Discovery appliance must be able to reach the network in order to discover hosts. However, various methods of providing secure access are possible without disabling firewalls and access control policies, including using VPN tunnels and using Windows proxy for BMC Discovery appliances. Some IDS systems might identify certain activities (such as port scans) as suspicious.
The discovery process will identify endpoints on such computers if they are visible from other hosts. You will need to complete details of programs running on them manually, though it might also be possible to categorize some of the components of the applications running on the unsupported platform either by which port it, or its counterpart, is listening on.
To provide a clear picture of your total IT infrastructure, BMC Discovery will actually reduce risk in your network by allowing you to weed out rogue elements that do not meet corporate policy, are out of date, or provide potential security holes.
The BMC Discovery discovery process uses standard techniques that do not de-stabilize elements of the infrastructure.
Since there are always risks with deploying new technology, BMC's implementation plan involves analyzing areas of potential risk and achieving the right balance of risk and reward. BMC's test plan is also aimed at minimizing risk, ideally including testing in the customer's test environment.
The BMC Discovery ethos is agent-free management. BMC does not believe the logistical challenges associated with having an agent on every node is justifiable, so no BMC Discovery-specific software needs to be installed on other computers. The BMC Discovery user interface is entirely web-based.
Agent-based discovery relies upon a level of control of asset deployment that does not exist in most businesses. It also implies a significant cost overhead to maintain agents on each platform, including approving, testing and deploying the agents. Finally, agents might not be available for the range of target platforms that your organization uses. We use standard techniques that have individually been authorized and deployed.
Yes, BMC Discovery integrates with the following products:
- Rest APIs: The REST API is intended to be used by a script or program that wants to interact with and control a BMC Discovery appliance from a remote machine.
- Export APIs (CSV and XML): The BMC Discovery Exporting discovered data using the CSV and XML APIs enable users to interrogate the datastore using a script or program, and receive data back as a stream of text, an empty string, or a return code.
- CyberArk Enterprise Password Vault: CyberArk Enterprise Password Vault (CyberArk Vault) is a third-party application, which enables you to centrally manage credentials for the various systems that are installed in your environment. BMC Discovery provides an integration with CyberArk Vault to obtain credentials that are required to perform scans.
- BMC CMDB: BMC Discovery can synchronize discovered data to BMC CMDB using CMDB synchronization.
- BMC Remedy Single Sign-On: BMC Remedy Single Sign-On (BMC Remedy SSO) is an authentication system that supports various authentication protocols such as LDAP and provides single sign-on for users of BMC products.
If you forget your user interface (UI) password to log in to BMC Discovery, you can reset the password at the command line.
tw_passwd utility enables you to change the password of a specified user interface user. To use the utility, enter the following command at command prompt:
where username is the name of the UI user to change.
Changing passwords for command line users
tw_passwd utility is for changing UI users' passwords. To change the passwords for command line users, as the root user, use the Linux command
passwd. This is described in Changing the root and user passwords
If you have any other questions about BMC Discovery, contact Customer Support.