Network Discovery Improvement Ideas
Suggestions:
Ability to scan multiple subnets from one agent - don't try to be too clever here and lock us down to selecting a monitoring agent that has only been shown to have a matching internal LAN IP address for the subnet we are wanting to audit. We could be auditing an existing network that we have a management netwok on for example, so we know a node on that subnet can see the other subnets no issue, or we could be completely new to a network and want to start polling all of the known subnets from one agent to see how much info we can gather, manual entry for us gives us this flexibility
Ability to add custom SNMP strings to start scanning on - obviously sometimes public might not be the SNMP community string, especially on a network takeover
Flesh out the reporting section - allow us to drill down into WHAT OS's are aging - or WHAT is unreachable, rather than just showing a percentage
Allow us to create SNMP / TCP / HTTP / Generic object types from things found in the network scan & then mark that as 'Monitored' in network discovery so we know we have something on this already and don't need to be alarmed that we've missed something. For example a network switch - we might want to say 'oh we want to monitor this as a proper SNMP object now' and being able to do that is far far quicker utilizing network discovery to cross these things off of a list instead of manually going to find all of these things and then creating those object types later on.
Daniel Gagg
shared this idea
-
Jack Anderson
commented
Along these same lines - Being able to 'ignore' or 'snooze' found devices that we don't want to monitor or CVE's that have no remediation from their manufacturer would make the alerts and new device counts more useful.