How to limit the Discovery Scope

 The actual scope for a network inventory scan

 The actual scope for a network inventory scanDear JDisc friends,

a question that comes up very often is how to limit the discovery scope. JDisc Discovery has been designed to find as many devices as possible. A while ago, we have created a blog entry which discusses what the scope of a discovery actually is. Refer to this blog entry for a quick review. In essence, it is important to understand, that the devices being scanned can be outside the configured ping ranges.

Actually, JDisc Discovery has several ways to find devices indirectly by scanning other devices. Some of them are related to virtualization, but some of them also to dependencies or pyhsical or logical connections. And of course, those indirectly connected devices can virtually be anywhere on the LAN.

  • we get information about all ESX servers, all VMs when scanning a VMware VCenter installation
  • we get information about client computers connected via RDP to a server which is being scanned
  • we get information about actual servers which are part of a blade center when scanning the blade chassis
  • we gather information about devices connected via TCP/IP ports to the scanned server
  • we can get IP addresses of devices when reading the ARP caches from routers
  • and possibly more options being added over time…

While that might be great, if you would like to scan as much as possible, you might have issues when you would like to scan only a well defined network. Unfortunately, the options to disable scanning devices out of the configured ping ranges are spread over different configuration screens. We have ideas on how to improve that and we’ll definitely implement some help on that in the future.

But as for now, you have to disable the options within the following panels:

General Settings

The general settings tab includes some options about how to deal with domain or dns servers found when scanning a device. Disable the marked options in order to disable scanning DNS server or domain controllers as they are identified when scanning a server.

GeneralSettings GeneralSettings

Data Collection Settings

There are several options within the data collection tab which are used to identify related devices. Disable the selected options:

DataCollection DataCollection

Disable the marked options in order to avoid scanning related devices. The Dependency Mapping section is only available if the Dependency Mapping Add-On is installed.

Data Collection – Virtualization

The virtualization tab has many settings about how to scan virtual environments. Remember, that we can get information about all ESX servers and virtual machines when scanning the VCenter installation. The ESX servers or virtual machines might be outside the configured networks. And also keep in mind, that you will not get the relationships between the VCenter, the ESX servers and the VMs when you disable this option!

If you would like to gather those relationships, then you’d need leave the options enabled and define a IP filter which excludes devices outside your scope.

Virtualization Virtualization

Use the Filters tab and create an IP based filter in order to exclude IP ranges not in scope!

Hope that helps to answer some of the questions you might have regarding the scope.

Best regards,
Thomas

About The Author

Thomas Trenz
I own and manage JDisc and its network inventory and discovery products. Before I started JDisc, I worked quite a long time for Hewlett-Packard developing software for network assessments and inventory projects. Feel free to contact me on Linked-In or Xing.

Leave A Comment


The reCAPTCHA verification period has expired. Please reload the page.