SSH discovery - BlueCat Integrity - 9.4.0

Address Manager Administration Guide

Locale
English
Product name
BlueCat Integrity
Version
9.4.0

Discover devices on your network, such as routers or switches, using SSH.

Previous versions of Address Manager’s built-in SNMP discovery mechanism couldn't discover information on certain routers or switches (for example, Cisco IOS 12.2.xx) due to differences in the OID data output format. Router and switch information could be collected by using a particular SSH command as an alternative. Address Manager v9.4.0 includes a built-in SSH discovery utility to retrieve the information on these routers or switches directly using SSH, bypassing SNMP to gather the information.

Starting the SSH discovery utility on the Address Manager server (/home/bluecat/discovery) will discover devices on your network then generate a JSON file that can be consumed by Address Manager so the data gathered can be reconciled into Address Manager IPAM.

This SSH discovery utility has been tested on Cisco routers and switches that support both SSHv1 and SSHv2. This utility also works with Cisco ASA devices that support SSHv2. For ASA devices with SSHv1 enabled, the utility will display a message and skip the discovery process for those ASA devices.

Supported devices

Address Manager SSH discovery utility supports the following devices:
  • Cisco IOS based devices (using SSH v1.0 and SSH v2.0)
  • Cisco ASA devices (using SSH v2.0)

Restrictions

The router or switch should be able to execute the following commands:
  • show version
  • show ip interfaces
  • show ip arp
ASA devices should be able to execute the following commands:
  • show version
  • show interface
  • show arp
Note: The SSH discovery utility depends on the output of the listed commands. If the output format is different then the discovery script might not execute properly. If this occurs, contact BlueCat Customer Care for assistance.

Limitations

  • Discovery of devices in a VRF environment isn't supported.
  • Address Manager will discover only the Layer 3 information found in IP addresses, MAC addresses, and networks/subnets.
  • Layer 2 discovery isn't yet supported.
  • IPv6 discovery isn't supported. However, IPv4 discovery on an IPv6 enabled device is functional.