Click 'Network Management' > 'Discoveries' to open the scan configuration area
Create a discovery scan
Run the scan
Enroll discovered devices to Endpoint Manager - Click here
- The network discovery feature lets you scan networks by IP and SNMP to identify all connected endpoints.
- The scans are run by a 'probe device' placed inside the network you want to scan. The probe device must be a managed Windows endpoint which has already been added to Endpoint Manager.
- Devices found by the scan are shown in 'Devices' > 'Device List' > 'Discovered Devices:
- All newly discovered devices are 'Unmanaged'. This means you can’t yet control them with Endpoint Manager. You need to install the communication client on the devices to enroll them.
- This first release of the feature is only intended as a quick way to see which devices are connected to a network, and to place those devices into a device group.
- You can then create a client installation package for the group and use Comodo's auto-deployment tool to install the package on group devices. This will enroll the devices to endpoint manager.
- You can change the owner and group of these devices after they have been enrolled. Full auto-enrollment of discovered devices is coming in later releases.
- Make sure your probe device is in place in your target network. It can be any managed Windows endpoint that you have already added to Endpoint Manager. It is the communication client on the probe device which handles the scan.
- Create a target group for the discovered devices:
- Click 'Devices' > 'Device List' > 'Group Management' > 'Create Group'.
- Select the target customer and name the group, for example, 'Discovered Devices – Company X'.
- Do not add any existing devices to this group. Leave it empty. The group is purely to segment the discovered devices. You can move devices to different groups after they have been enrolled.
Create a discovery scan
- Open Endpoint Manager
- Click 'Network Management' > 'Discoveries' > 'Create' > 'Discovery by Network’:
- Create a name for the discovery task. For example, 'Discovery Task on Company X network'.
- Click 'OK' to open the task configuration screen:
- Click the ‘General’ tab then click 'Edit' to configure the scan:
- Discovery name - Create a label for the discovery task. Ideally, the label should help you identify the target or purpose of the task in future. For example, ‘Discovery Task on Company X network'.
- Customer – Specify the company that owns/controls the target network. Make sure you select the customer you identified in ‘Preliminaries’.
- Enter the first few letters of a company name and select from the suggestions.
- Device group – The group to which identified devices will be assigned. Please make sure you select the group you just created in ‘Preliminaries’.
- Enter the first few letters of the device group and select from the suggestions.
- SNMP – Choose whether to add a simple network management protocol (SNMP) scan to the discovery task.
- If enabled, the SNMP scan will run simultaneously with the IP range scan.
- The results from the SNMP scan are reported separately to Endpoint Manager and may find additional devices.
- The ‘Community String’ is a passcode sent with each SNMP Get-Request to authenticate access to a router or other device. If the community string is correct, then the device responds with the requested information.
- Most network vendors ship their equipment with a default password of "public". This is the so-called "default public community string".
- Probe Devices – Choose the device you want to use to run the scan. A probe device is a managed Windows endpoint inside the network that you want to scan. The device must already be enrolled to Endpoint Manager and have the communication client installed. This device will launch the scans you request on the target network:
- Type the name of the device you want to use in the 'Device' field. EM will auto-suggest candidates as you type.
- Click 'Add' to save your probe device.
- Repeat the process to add more probes. Multiple probes act as fail-overs for each other.
- You must select a default probe for scans if you add multiple probes. The other probes will only run the scan if the default probe is not available.
- IP ranges - Specify the IP address range that you want to scan for devices. You can add any number of IP ranges within the network for a single discovery task. You can also specify addresses to be skipped as exclusions.
- Leave IP range blank if you want to scan the entire network to which the probe is connected.
- Alerts (Optional) - Select which events you want to be notified about. Events include when the scan ends, when a new device is found, and when a new IP is found.
- Discovery Logs – View the results of previous scans ran under this task. Click ‘Details’ to view devices found by the scan. This area will become populated only after you run your first scan.
- Click ‘Save’ when you have finished configuring the scan.
Run the scan
- Click ‘Network Management’ > ‘Discoveries’
- Select the scan you just created in the ‘Create a discovery scan’ step
- Click the ‘Discover Now’ button above the table:
- Skip if probe device is offline – Select to abort the scan if the probe device is not available. If unselected, then the scan will be queued until the device comes online.
- Click ‘Discover’ to start the scan. The scan will run for 10 minutes before reporting back to Endpoint Manager. The SNMP scan is started simultaneously if you enabled it.
- All discovered devices will go into your new group.
- You can view all discovered devices in 'Devices' > 'Device List' > 'Discovered Devices'.
Next: Enroll discovered devices to Endpoint Manager