The following table displays the version history of BMC Discovery: BMC Discovery version 11.1 patch 3 resolves some important defects. As a result of those enhancements, an appliance running 11.1 patch 3 cannot join a cluster running 11.1 patch 2 or earlier. In normal circumstances, all cluster members have the same version. You can upgrade a cluster running any version from 10.1 onwards to 11.1 patch 3. There is one obscure circumstance in which you may require a new appliance running 11.1 patch 2. If you have a fault tolerant cluster running 11.1 patch 2 (or an earlier patch) and a member has failed, then your cluster is in a degraded state. In that state, you must replace the failed member before you can upgrade the cluster. You cannot replace the failed member with a new appliance running 11.1 patch 3, so you must use an appliance running 11.1 patch 2. Once the cluster has recovered from the failure, it is possible to upgrade the whole cluster to 11.1 patch 3 as usual. If you are in this situation, and you do not have an image of 11.1 patch 2 with which to replace the failed cluster member, please contact Customer Support. They will provide a suitable download. You can upgrade to version 11.1.x from version 10.1 and later. These Release Notes detail the following information: Additional permissions required on XML and CSV APIs The permission required to access the CSV and XML API has changed. You need to grant the new API access permission (api-access group), or updating group permissions to include the api/access permission for users who require access to the CSV and XML web APIs. Existing integrations will fail if you do not add the permission. Updated SSH server The SSH server installed on BMC Discovery appliances 10.2 and later has been modified. This modification removes some weak ciphers and HMAC algorithms (and non-FIPS approved) from the list of allowed connections. Therefore, some older versions of ssh clients might be unable to connect. The following client versions (or later) have been tested and are known to work: BMC Atrium Discovery OS and application software have been tested and found to be free from susceptibility to date/time issues which may occur as the result of the additional day in a leap year.
BMC Discovery 11.1
Version history
BMC Discovery version Release date Remarks 11.1 11 November 2016 For complete information about this release, see the features listed in the following section of this page. 11.1 patch 1 18 November 2016 This release resolves important defects. 11.1 patch 2 2 December 2016 This release resolves important defects. 11.1 patch 3 17 February 2017 This release resolves important defects. See also the warning below. 11.1 patch 5 7 June 2017 This release resolves important defects. 11.1 patch 6 11 October 2017 This release resolves important defects. 11.1 patch 7 22 June 2018 This release resolves important defects. 11.1 patch 8 03 May 2019 This release resolves important defects and security vulnerabilities. It also introduces a feature for restricting the paths on which you can run commands. Release Notes
| |||
Ready-made PDF of this space
The following table provides ready-made PDF that contain snapshots of the content in this space.
| Topic | Date | Size |
|---|---|---|
| Version 11.1 | 11 Nov 2016 | 26.1 MB |
| Version 11.0 | 1 Mar 2016 | 25.0 MB |
Videos
The following table lists topics that contain videos that supplement the text-based documentation.
The following topics provide answers to frequently asked questions about BMC Discovery:
- What is the performance impact of running BMC Discovery?
- What can BMC Discovery discover in the network?
- What discovery techniques do you use?
- Will any network security need to be disabled for the discovery process?
- What is the impact of my applications running on platforms that are not supported by BMC Discovery?
- Can the product introduce any risk into my network or application infrastructure?
- Do I need to install any software on other computers?
- Why is agent-free discovery so important?
- How do I reset the BMC Discovery user password?
What is the performance impact of running BMC Discovery?
Running BMC Discovery should have a minimal impact on your environment. The discovery techniques used are non-intrusive, lightweight and agent-free.
What can BMC Discovery discover in the network?
BMC Discovery is IP-based and can discover any host system with an IP connection including servers, workstations, network nodes, printers, wireless access points, and so on. In actuality, though, we aim BMC Discovery at datacenter discovery, and it is optimised to that purpose. For this reason, we do not explicitly support more client-side items, such as wireless access points, workstations and so on. Any support for those that does exist is a side effect of our support for server-side discovery, and we're unlikely to invest in improving it.
What discovery techniques do you use?
BMC Discovery uses a range of discovery techniques where appropriate. These include:
- Network scanning (looking for services on well-known TCP and UDP ports on IP-reachable machines).
- Remote command execution (looking at specific processes running on each node, querying package managers and querying established inter-process communications mechanisms).
- SNMP (MIBs provide a rich source of management information).
Will any network security need to be disabled for the discovery process?
Obviously, the BMC Discovery appliance needs to be able to reach areas of the network in order to discover hosts. However various methods of providing secure access are possible without disabling firewalls and access control policies, including using VPN tunnels and using Windows proxy BMC Discovery appliances. Some IDS systems might identify certain activities (such as port scans) as suspicious.
What is the impact of my applications running on platforms that are not supported by BMC Discovery?
The discovery process will identify endpoints on such computers if they are visible from other hosts. You will need to complete details of programs running on them manually, though it might also be possible to categorize some of the components of the applications running on the unsupported platform either by which port it, or its counterpart, is listening on.
Can the product introduce any risk into my network or application infrastructure?
To provide a clear picture of your total IT infrastructure, BMC Discovery will actually reduce risk in your network by allowing you to weed out rogue elements that do not meet corporate policy, are out of date or provide potential security holes.
The BMC Discovery discovery process uses standard techniques that should not de-stabilize elements of the infrastructure.
Since there are always risks with deploying new technology, BMC's implementation plan involves analyzing areas of potential risk and achieving the right balance of risk and reward. BMC's test plan is also aimed at minimizing risk, ideally including testing in the customer's test environment.
Do I need to install any software on other computers?
The BMC Discovery ethos is agent-free management. BMC does not believe the logistical challenges associated with having an agent on every node is justifiable, so no BMC Discovery-specific software needs to be installed on other computers. The BMC Discovery user interface is entirely web-based.
Why is agent-free discovery so important?
Agent-based discovery relies upon a level of control of asset deployment that does not exist in most businesses. It also implies a significant cost overhead to maintain agents on each platform, including approving, testing and deploying the agents. Finally, agents might not be available for the range of target platforms that your organization uses. We use standard techniques that have individually been authorized and deployed.
How do I reset the BMC Discovery user password?
If you forget your user interface (UI) password to log in to BMC Discovery, you can reset the password at the command line.
The tw_passwd utility enables you to change the password of a specified user interface user. To use the utility, enter the following command at command prompt:
tw_passwd username
where username is the name of the UI user to change.
For example:
[tideway@DE-32 ~]$ tw_passwd fred New password: Retype password: Password set for user 'fred'. [tideway@DE-32 ~]$
Changing passwords for command line users
The tw_passwd utility is for changing UI users' passwords. To change the passwords for command line users, as the root user, use the Linux command passwd. This is described in Changing the root and user passwords
If you have any other questions about BMC Discovery, contact Customer Support.
BMC Atrium CMDB
BMC Discovery can synchronize discovered data to BMC Atrium CMDB using CMDB synchronization.
BMC PATROL
BMC PATROL is a systems, applications, and event management tool. It provides an environment to modify the BMC Discovery firewall.
BMC Atrium Orchestrator
BMC Atrium Orchestrator integrates, automates, and orchestrates processes across multiple applications and tools. When integrated with BMC Discovery, BMC Atrium Orchestrator triggers a rescan of the virtual machine that was moved, and the source and destination hosts.
BMC Remedy Single Sign-On
BMC Remedy Single Sign-On (BMC Remedy SSO) is an authentication system that supports various authentication protocols such as LDAP and provides single sign-on for users of BMC products. BMC Discovery provides an integration with BMC Remedy Single Sign-On makes use of same LDAP server as BMC Remedy Single Sing-On.
REST API
The REST API is intended to be used by a script or program that wants to interact with and control a BMC Discovery appliance from a remote machine.
CyberArk Enterprise Password Vault
CyberArk Enterprise Password Vault (CyberArk Vault) is a third-party application, which enables you to centrally manage credentials for the various systems that are installed in your environment. BMC Discovery provides an integration with CyberArk Vault to obtain credentials that are required to perform scans.