FAQ

Running BMC Helix Discovery has a minimal impact on your environment. The discovery techniques used are non-intrusive, lightweight, and agent-free.

BMC Helix Discovery is IP-based and can discover any host system with an IP connection including servers, workstations, network nodes, printers, wireless access points, and so on. In actuality, though, we aim BMC Helix Discovery at datacenter discovery, and it is optimized to that purpose. For this reason, we do not explicitly support more client-side items, such as wireless access points, workstations, and so on. Any support for those that do exist is a side effect of our support for server-side discovery, and we are unlikely to invest in improving it.

BMC Helix Discovery uses a range of discovery techniques where appropriate. These include:

• Network scanning (looking for services on well-known TCP and UDP ports on IP-reachable machines).
• Remote command execution (looking at specific processes running on each node, querying package managers, and querying established inter-process communications mechanisms).
• SNMP (MIBs provide a rich source of management information).

Obviously, the BMC Helix Discovery appliance must be able to reach the network in order to discover hosts. However, various methods of providing secure access are possible without disabling firewalls and access control policies, including using VPN tunnels and using Windows proxy for BMC Helix Discovery appliances. Some IDS systems might identify certain activities (such as port scans) as suspicious.

The discovery process will identify endpoints on such computers if they are visible from other hosts. You will need to complete details of programs running on them manually, though it might also be possible to categorize some of the components of the applications running on the unsupported platform either by which port it, or its counterpart is listening on.

To provide a clear picture of your total IT infrastructure, BMC Helix Discovery will actually reduce risk in your network by allowing you to weed out rogue elements that do not meet corporate policy, are out of date, or provide potential security holes. 
The BMC Helix Discovery discovery process uses standard techniques that do not destabilize elements of the infrastructure. 
Since there are always risks with deploying new technology, BMC's implementation plan involves analyzing areas of potential risk and achieving the right balance of risk and reward. BMC's test plan is also aimed at minimizing risk, ideally including testing in the customer's test environment.

The BMC Helix Discovery ethos is agent-free management. BMC does not believe the logistical challenges associated with having an agent on every node is justifiable, so no BMC Helix Discovery-specific software needs to be installed on other computers. The BMC Helix Discovery user interface is entirely web-based.

Agent-based discovery relies upon a level of control of asset deployment that does not exist in most businesses. It also implies a significant cost overhead to maintain agents on each platform, including approving, testing, and deploying the agents. Finally, agents might not be available for the range of target platforms that your organization uses. We use standard techniques that have individually been authorized and deployed.

Yes, BMC Helix Discovery integrates with the following products:

• BMC Helix CMDB: BMC Helix Discovery can synchronize discovered data to BMC Helix CMDB using CMDB synchronization.
• Rest API: The REST API is intended to be used by a script or program that wants to interact with and control a BMC Helix Discovery appliance from a remote machine.

If you forget your user interface (UI) password to log in to BMC Helix Discovery, you can reset the password at the command line.

The BMC Documentation portal gives you the ability to generate PDF and Microsoft Word documents of single pages and to create PDF exports of multiple pages in a space.  

Creating PDF and Word exports

You can create a PDF of a page or a set of pages. (Non-English page exports are not supported.) You can also create a Word document of the current page.

To export to PDF or Word

1. From the Tools menu in the upper-right, select a format:
   • Export to Word to export the current page to Word format.
   • Export to PDF to export the current page or a set of pages to PDF.
     
     
     
2. If exporting to PDF, select what you want to export:

• • Only this page to export the current page.
  • This page and its children to export a set of pages.

For example, selecting This page and its children from the home page exports the entire space to PDF.

Depending on the number of topics included in the export, it might take several minutes to create the PDF. Once the export is complete, you can download the PDF.

This depends on your IT environment. In general, you need one BMC Discovery Outpost per isolated network segment. No specific performance tests have been done in this regard. 

The system can balance the load across multiple BMC Discovery Outposts in a limited or static way. The system initially balances the load, and eventually remembers which endpoints went to which Outpost and tries to send that work to the same Outpost. Because the system does not adjust the balancing, the load will not be processed if an Outpost goes down. Also, a new Outpost will not receive any existing endpoints as work, but only new ones.

To work around this, re-register the Outposts, which resets the balancing. Alternatively, use Outpost or IP range restrictions to control where the workload goes.

The number of hosts and devices that you can scan depends on many variables, including the size of the scanned hosts or devices. Also, a single BMC Discovery Outpost may be sufficient for a small Discovery cluster, but not a large one.

Yes, you can use the BMC Discovery Outpost to scan cloud resources provided the appropriate credentials are configured, and the resources to be scanned are available or visible from the Outpost.

If you specify an Outpost to be used for a particular scan range, BMC Helix Discovery uses only that Outpost. If a scan is directed to a specific Outpost, and that Outpost has IP address restrictions, then the scan of those restricted IPs will fail.

If you specify only IP address restrictions, BMC Helix Discovery directs the scan to an Outpost that does not have those restrictions.

If you are using scopes, specify a particular Outpost. Otherwise, use IP address restrictions where necessary and allow the system to select the Outpost.

Communication is always from the BMC Discovery Outpost to the BMC Helix Discovery appliance or instance. Communication is never initiated by the BMC Helix Discovery appliance or instance. 

Communication between the BMC Discovery Outpost and the BMC Helix Discovery appliance or instance is always sent over HTTPS, so port 443 must be open on the appliance or instance. All TCP connections are bi-directional because packets flow in both directions.

For a Discovery cluster, the communication must be enabled for each cluster member. If there is a requirement for direct access to the Outpost UI, port 443 must be open on the Outpost.For more information, see Network ports used for discovery communications.

The BMC Discovery Outpost uses the same ports as a BMC Helix Discovery appliance or instance to scan targets. The BMC Discovery Outpost initiates the connection. All TCP connections are bi-directional because packets flow in both directions.
Like a scanner, the BMC Discovery Outpost, by default, checks port 135 to determine if a target is a Windows server. For more information, see Network ports used for discovery communications.

There would be duplicates only if there has been an identity change.

The BMC Discovery Outpost is the same for BMC Helix Discovery (SaaS version) and BMC Discovery (on-premises version). There is no difference in the UI or the features.

BMC Helix Discovery does not provide the facility for backing up the BMC Discovery Outpost. You could backup by using the normal methods that are used for backing up a Windows server, such as a VMWare snapshot. It is strongly recommended to separately export your credential vault on a regular basis.  

You can simply restore the Windows server backup that you had taken earlier. It is also possible to import a backup of the credential vault if that is all that you require.

Currently, BMC Helix Discovery does not support high availability for the BMC Discovery Outpost, but it will be considered for a future release.

Currently, an Outpost API is not available, but it will be considered for a future release.

Scans will run longer and may eventually show timeouts. Also, check Windows to see if the BMC Discovery Outpost is paging. Note that the BMC Discovery Outpost is currently limited to 500 concurrent BMC Helix Discovery requests.

The data transfer usage between the BMC Discovery Outpost and its targets will be the same as the usage between a scanning appliance or instance and its targets. The requests passed from the appliance or instance to the Outpost should be relatively small. The results sent from the Outpost to the appliance or instance will vary in size depending on the nature of the discovery.