UPDATE! The community will be go into read-only on April 19, 8am Pacific in preparation for migration on April 21. Read more.
UPDATE! The community will be go into read-only on April 19, 8am Pacific in preparation for migration on April 21.Read more.
168 views

Everyone working from home so how do you handle endpoint discovery?

With so many people now working from home this creates a unique challenge for endpoint discovery. How has your discovery changed to capture endpoints?

I have found the following articles to be useful:

Short leased IP addresses get merged incorrectly 
Adding a reconciliation exclusion manually to the URM 

In my environment I have specific IP ranges which are used exclusively for VPN but they are configured for short lease (client). I have increased the frequency of my discovery jobs Range IPs by ICMP and Host Connection by Shell and defined the trigger TQL to only act on these VPN IP ranges. I have also created an enrichment that deletes the containment relationship between Node and IP Address if the last discovered time is greater than 3 days. My normal aging time is too long to clean up all these short relationships. This improves the chances of the Inventory Discovery by Scanner job of running the scanner on the correct endpoint if it doesn't have to try connecting to tens of IP addresses before finding the IP address with the correct UD Unique ID.

How has your discovery changed?

John

Labels (2)
1 Reply
Cadet 3rd Class Cadet 3rd Class
Cadet 3rd Class

Hello John,

Interesting that you are bringing this up. We have a challenge to run the “Inventory Discovery by Scanner” on clients, related to that employees now mainly works from home via VPN networks.

Since the VPN IP address is perceived as virtual by the “Host Connection by Shell” it is not included in the result of the job and the client Windows CI does not get a related Ip address CI in UCMDB, which means that the trigger query of the “Inventory Discovery by Scanner” job is not fulfilled.

I saw your former reply to another post on this topic that “Your client systems will need to at one time have been on a network that is included in the Probe Range.” Now that everyone is working from home they are very rear/never connected “on sight” and therefore never queued for the “Inventory Discovery by Scanner” job.

Based on the description of your current setup, it seems like you are able to use the “Host Connection by Shell” job to retrieve the IP addresses of clients in the VPN IP ranges. May I ask if you did anything specific to make the “Host Connection by Shell” job include “virtual ip’s” in the result, or isn’t the VPN IP’s perceived as virtual in your case?

Thanks in advance for any input!

Daniel

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.