Configuring and running an asset discovery scan of a specific part of your network

Configuring and running an asset discovery scan of a specific part of your network

This type of scan job allows you to individually configure all parts of the network scan:

• the scanner to use
• The scanning methods
• The protocols to use
• The targets
• The scan's schedule

This is the recommended scan to use if:

• Your scan targets are located in a different subnetwork than the scanner
• You want to scan your network for virtual and physical devices.

1. Click Wizards > Asset Discovery.
    The Asset Discovery Wizard appears.
2. Select Configurable.
    The Configurable Discovery window appears. In this second window you can define which parts of the scan are to be specifically defined, and for which the default values are to be used.

3. Check all configurable options.

   None of the required objects exist yet. The only configurable option you will not select is the schedule, because you will want to run the scan immediately and only once, which is the default schedule.

4. Click Next.
    The Scanner window appears.

5. Select a scanner from the list.

   If you have only one relay installed this list box only shows this one device and it is already preselected as the scanner. If you have several defined as scanners select the scanner to use.

6. Click Next.
    The Scan window appears.
7. Enter a descriptive name for this scan in the Name box, for example My configurable rollout scan job.
8. (Optional) Select the folder in which the scan is to be located by clicking the Browse button and selecting the target folder from the list. You can also create a new folder by clicking New Folder . Enter a name for the new folder and click OK ; thenc click OK again to confirm the selected folder.
9. Click Next.
    The Scan Configuration window appears.
10. Enter a descriptive name for this scan configuration in the Name box, for example My configurable scan configuration for rollout.
11. (Optional) Select the folder in which the scan configuration is to be located by clicking the Browse button and selecting the target folder from the list. You can also create a new folder by clicking New Folder . Enter a name for the new folder and click OK ; then click OK again to confirm the selected folder.
12. Click Next.
     The Protocols window appears.

13. Either keep all the protocols that are activated by default, or deactivate one or more protocols by clearing the check boxes next to them.

    If you are not scanning for virtual devices, clear the VMware vSphere and Hyper-V protocols.

14. To add credentials to a protocol, select its entry in the table and then click Add Credential to the right.
     The Credentials box becomes available.
15. To add a new user identification, click Add at the bottom.
     The Properties dialog box appears.

16. Enter and confirm the login name and corresponding password.

    The login name must have the following format:

    • <domain name>/<user logon> if you are on a domain
    • <user logon> if you are not on a domain
17. If you are adding credentials for the SNMP protocol, you must enter the name of the community and confirm it by re-entering it.
18. To view the passwords/communities, clear the Hide Passwords check box.
     Both password boxes are now displayed in clear text format.
19. To confirm the new user account, click OK at the bottom of the window.
     The account is added to the list at the right side of the dialog box.
20. Repeat the preceding steps to add more authentications, if necessary.
21. To delete an existing user login from the selected protocol select it in the table and click Delete below the box.
22. Click Next.
     The Target List Configuration window appears.
23. Enter a name for the new target list in the Name box, for example My configurable scan rollout target list , and define a specific folder, if necessary.

24. Add the devices to the scan. The easiest way to do so is to add IP address ranges to scan:

    When you specify an address range with IPv6 addresses, be careful to not add complete subnets, which are very large and take very long to complete.

    1. Click Add Existing Device .
        The Add a Device dialog box appears on the screen.
    2. Enter the target ranges to be added to the list in the respective text box. These can be entered:

• As a comma-separated list of names or ranges, for example, scotty; 192.168.4.45-192.168.4.47; 2001:0db8:85a3:0000:0000:8a2e:0370:7334 which includes computers scotty.enterprise.com , 192.168.4.45, 192.168.4.46 , 192.168.4.47 and 2001:0db8:85a3:0000:0000:8a2e:0370:7334.
• As CIDR notation in the form of 192.9.205.22/18 or 2001:0db8:85a3:0000:0000:8a2e:0370:45/123
  1. Click OK to add the range and close the window.

1. Click Finish.
2. In the Confirmation dialog box, click Yes to change the focus of the console window to the scan view.
    The focus of the console switches to Asset Discovery > Scanners > Your Scanner > Assigned Scans > My configurable rollout scan job.
3. Select the Assigned Schedule tab.

4. To follow the scan process, check the Status column.

   This view displays detailed information about the scan currently running on each device with specific counters.

   The Status column starts with Assignment Waiting. Then it goes through all the respective stages and displays Executed.

   The scan is finished when the status Done or Unreachable appears.

5. Select the node of your scan in the left window pane.
6. In the table to the right, select the target devices for the relay or client rollout.
7. Right-click your mouse button on your selection and select the Agent Rollout option from the pop-up menu.
    The Agent Rollout Wizard appears.

Where to go from here

• If you are installing in the cloud:
   Continue the rollout procedure with step 2 of either the relay rollout or the client rollout.
• If you are installing on site:
   Continue the rollout procedure with step 2 of either the relay rollout  or the client rollout.