Page Comparison

Probe Types (Out Of Box)

wmi, snmp, ssh, http, wins, dns, printer, osx, ip_phone

How Discovery Works (Out Of Box)

• port scanner runs against IPs to see what's open
• determines device type
• depending on type, runs applicable probes:
  • Windows: WMI & powershell
  • Unix: SSH
  • Printers: SNMP
  • Network Devices: SNMP
  • Web: HTTP headers
  • UPS: SNMP
• search the CMDB using identifiers, do either:
  • update/add matching CI
  • no-op

Platforms

Proof of Concept

Instead of using canned SSH-based probes for UNIX, we are researching the possibility of using SNMP against unix boxes (and possibly windows). In theory we can do this by simply replacing the SSH probes with equivalent SNMP probes which SNMP GET information from extended MIB objects which we apply to all machines we plan to instrument.

...

• SNMP doesn't require us to open up shell access to a broad population of machines
• SNMP is the same protocol used for net devices & printers (2 down, Windows potentially remains the odd man out)

Platforms

Probe Types

wmi, snmp, ssh, http, wins, dns, printer, osx, ip_phone

Probes to Replace

• ? (will get list when Discovery is available

Proof of Concept (UNIX)

Linux

On Linux/net-snmp 5 here's one way to do extensions (there are several).

...

...we may want to use SNMPv3, but the general idea is clear... we can expose arbitrary configuration data through SNMP. Since there are only a few dozen probes (and maybe only a subset of actual interest to Yale) we should be able to leverage SNMP for UNIX discovery instrumentation.

Proof of Concept (Windows)

It's not yet clear which way to go. There is a possible benefit to going SNMP for all discovery. However, it is not clear that the benefits outweigh the costs, because it might be possible to do WMI discovery without granting privilege by properly securing the WMI namespace... this might be much easier than porting another set of custom SNMP probes for Windows.

...

Probes to Replace