The discovery service identifies systems in the network and obtains relevant information from them as quickly as possible and with the lowest impact, using a variety of different tools and techniques to communicate.
In BMC Atrium Discovery, a Linux-based appliance controls the Windows-based discovery process. This process follows the model of communication where one device (the master) has unidirectional control over one or more other devices (known as proxies). This unidirectional control relationship is required because a Linux-based application cannot discover the quality of information required from a Windows system, so it requires that the Windows system perform those tasks itself. Consequently, both master and proxy are used to describe the Windows discovery process throughout the documentation. For additional terms and definitions, see the Glossary.
Discovery occurs using a combination of the central UNIX discovery service and a Windows proxy. The Windows proxy is required because the methods that are used to access Windows hosts are available only from Windows systems. When the Discovery Engine determines that the target host runs a Windows-based operating system, it sends a discovery request to a Windows proxy.
A typical organization may use firewalls to partition its networks and protect it from unauthorized access. BMC Atrium Discovery offers a central discovery service, allowing any network systems on the same network to be discovered. For systems beyond firewalls to be discovered, new firewall rules must be created to enable BMC Atrium Discovery to detect those devices or to connect to additional discovery appliances that can consolidate discovery data to the central discovery service.
For each IP address, the discovery service performs of the following tasks (although it may skip some steps in the process):
Any device that discovery cannot log into is identified only by the results obtained from reverse DNS lookup, telnet, SNMP requests, and IP fingerprinting (where enabled). Hosts and mainframe computer nodes are created only after a successful login. Network device nodes are created after a successful SNMP access.
The BMC Atrium Discovery appliance is UNIX-based and uses the discovery service to determine the type and version of the operating system. The discovery service on the appliance attempts to use ssh (or if desired telnet/rlogin) to access the host, performs connectivity checks on known ports, and attempts to log on with stored credentials and run discovery commands.
Windows discovery is performed using Windows proxies. This is application software that runs on a number of Windows hosts on the network. For more information, see Windows discovery.