Introduction to Network Discovery - Adaptive Applications - BlueCat Gateway - 24.1.2

Network Discovery Administration Guide

ft:locale
en-US
Product name
BlueCat Gateway
Version
24.1.2

BlueCat Adaptive Applications are licensed, out-of-the-box applications that provide you with advanced DDI functionality with minimal configuration. Adaptive applications extend the functionality of BlueCat DNS Integrity — BlueCat's core adaptive DNS platform.

The Network Discovery adaptive application searches for IPv4 and IPv6 addresses and networks within your organization, retrieving data for devices on subnets that are not directly accessible from BlueCat Address Manager (BAM). This information is returned to BAM, where it can be reconciled with existing BAM data. This app integrates with and extends existing network discovery features in BAM.

In addition to scanning for devices on regular routers and switches, you can use this app to discover devices connected to networks that have been segmented using VRF configuration on Cisco Nexus 9000 switches. VRF allows for multiple instances of a routing table to exist and function within the same virtual router.

Network Discovery is built on the BlueCat Gateway platform. It consists of two main components:

  • Network Discovery Management: Runs the user interface (UI) and APIs that let you manage and discover network devices. From here, you can:

    • Add a new IPv4 and IPv6 Reconciliation Policy with the discovery configuration to be used by Network Discovery's discovery engine.
    • Delete an IPv4 and IPv6 Reconciliation Policy that you added.
    • Run an IPv4 and IPv6 Reconciliation Policy right away.
    • Update the details of an existing IPv4 and IPv6 Reconciliation policy.
    • Verify Network Discovery configuration after it is installed.
  • Network Discovery Probe: The discovery probes and APIs that perform external discovery probe operations. You can configure these to run at specific intervals for specific policies.

How the Network Discovery application works

The Network Discovery application acquires information from routers using SNMP (Simple Network Management Protocol) or LLDP (Link Layer Discovery Protocol) interrogation techniques, depending on which is used by the router. It queries Layer 2 and Layer 3 switches to discover the IP address, hardware address, and DNS host names (if DNS is available) for hosts on your network.

Network Discovery can also send ICMP packets to discover the IP address for hosts on your network.

Network Discovery v24.1 introduces a new architecture in which a direct connection from the Probe to BAM is no longer required. This is because the Probe does not send the discovery output results (as JSON files) to BAM. Instead, the Probe sends the JSON files to the Management component, which then performs SSH and copies the results to BAM (as indicated by the connection in Green from the Management component to BAM in the following diagram). This new architecture enables the Probe to be located in the same network as the router/switch regardless of BAM. Meanwhile, the Management component in a separate container can still monitor and control the remote Probe. For more information, see Standalone Discovery Probe configuration.

In previous releases, the Probe required a direct connection to BAM to perform SSH and copy the JSON files to BAM (as indicated by the connection in Green from the Probe component to BAM in the following diagram).