Reply

Initializing Network Insight; How Tos

Guru
Posts: 59
2046     0

OK, so I've installed Network Insight as both eval and purchased VMs.

 

My network is fairly large.  Multiple /16s of public IPv4 space, RFC1918 space three autonomous systems, a couple major campuses, and 50 or so remote sites.

 

One campus, the one I'm on, has a half dozen buildings.  Each building has a distribution router, and a number of acess switches.  I entered in a core router as a seed router, as well as the distribution router for my building, and I enabled Discovery on approximately 25 subnets that were in DHCP. 

 

My expectation was that I would "Discover" every access switch in the building, and then anything I saw on the interface or asset level would be gravy.  That would be around 16-20 access stacks, each stack being a stack of 1-8 cisco 3000 level access switches.

 

What I got, twenty four hours later was:

  • seven Video receivers  - these devices are part of the VTC equipment it the conference rooms.
  • The Distribution Router
  • Three routers denoted "unknown"
  • One switch with a name associated with it.
  • One e-mail from a paranoid user asking my one of my machines was port-scanning his workstation.

Not exactly what I wanted, but hey...  It's a start!

 

The video receivers are connected to access switches.  The fact that they show up but no other devices, PCs, laptops, access points, IP phones, Card readers, IP enabled coke machines, etc., don't makes me wonder.

 

The "unknown" devices might be simply a bad SNMP community string, or an overly tight ACL somewhere, I'll give that a look see.

 

Not sure where the rest of my switches are, and helpful hints would be appreciated.

 

Regarding the port scans, would it be possible to be told exactly that avenues Network Insight is taking to discover stuff?  I would imaging there is some CDP going on, when a Cisco sevice is discovered, but how intense is the port scan?  I suppose I can run a span port, but since it's a VM, and 10G ports are involved, it's easier to ask.

 

My end game is to be able to use REST API to get and put Interface description data, just so you know where this is going.

 

 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Businesses are investing heavily into securing company resources from cyber-attacks form cybercrimin