Everyone working from home so how do you handle endpoint discovery?
With so many people now working from home this creates a unique challenge for endpoint discovery. How has your discovery changed to capture endpoints?
I have found the following articles to be useful:
In my environment I have specific IP ranges which are used exclusively for VPN but they are configured for short lease (client). I have increased the frequency of my discovery jobs Range IPs by ICMP and Host Connection by Shell and defined the trigger TQL to only act on these VPN IP ranges. I have also created an enrichment that deletes the containment relationship between Node and IP Address if the last discovered time is greater than 3 days. My normal aging time is too long to clean up all these short relationships. This improves the chances of the Inventory Discovery by Scanner job of running the scanner on the correct endpoint if it doesn't have to try connecting to tens of IP addresses before finding the IP address with the correct UD Unique ID.
How has your discovery changed?
Interesting that you are bringing this up. We have a challenge to run the “Inventory Discovery by Scanner” on clients, related to that employees now mainly works from home via VPN networks.
Since the VPN IP address is perceived as virtual by the “Host Connection by Shell” it is not included in the result of the job and the client Windows CI does not get a related Ip address CI in UCMDB, which means that the trigger query of the “Inventory Discovery by Scanner” job is not fulfilled.
I saw your former reply to another post on this topic that “Your client systems will need to at one time have been on a network that is included in the Probe Range.” Now that everyone is working from home they are very rear/never connected “on sight” and therefore never queued for the “Inventory Discovery by Scanner” job.
Based on the description of your current setup, it seems like you are able to use the “Host Connection by Shell” job to retrieve the IP addresses of clients in the VPN IP ranges. May I ask if you did anything specific to make the “Host Connection by Shell” job include “virtual ip’s” in the result, or isn’t the VPN IP’s perceived as virtual in your case?
Thanks in advance for any input!