03-09-2023 02:26 AM
I understand that for the Service Account based Cloud Discovery, we need to setup the discovery credentials as per the cloud vendor and we need to setup the mid server. I was wondering whether we could do a simple IP based discovery if we have the MID Server installed on the Cloud environment. If this approach is possible, is there any difference in the data populated to CMDB tables through each approach?
03-09-2023 02:38 AM
Hi @Kannan Nair ,
there are 2 types of discovery needed to get the 'full picture' of a virtual machine/device.
1st cloud discovery gets the cloud-based metadata, such as network definitions (VPC details in the AWS world), data centers, etc. But this does not get the running details of the OS (processes, installed software, IP connections between nodes, etc.)... that's actually impossible in some cases if you think about it. When a VM is shut OFF, there are no running processes, no IP connections between devices that are not running, etc., but the cloud disco can find the definition of the VM and its components (the config that is managed within the AWS console, for example).
2nd discovery is IP-based disco that is only possible when the VM is on, active and accessible. When this 2nd disco runs, it can uncover IP connections, installed software, etc., i.e. all the details that can be found only when the machine is up and running.
The same principle applies to all cloud and virtual environments. The 1st disco is getting the definition of the virtual world and its hosting infrastructure, while the 2nd disco interrogates the running machines.
2nd Discovery (i.e. IP-based disco) varies depending on the cloud provider. For example, in AWS the current best practice is to set up cloud disco with appropriate AWS permissions to A) get all cloud details, and then when configuring the disco schedule there is an OPTION to allow the same AWS account to do B) IP-level discovery using the same authority access. This simplifies the procedure because 1 master AWS acct can do EVERYTHING, i.e. both 1st (cloud) and 2nd (IP) disco. Of course, this situation still requires 2 phases (get cloud stuff, then get IP stuff). This is for AWS as a best practice, and this changed from a few years ago in an earlier version of SN.
Also,
Cloud Based Discovery:- Cloud discovery helps enterprises comprehensively identify all cloud instances spanning applications, databases, containers and related services running at a given point in time. ... It helps security and operations teams manage these services efficiently and derive peak performance from their cloud investments.
Cloud Discovery enables IT departments of companies to collect detailed information about their cloud-based infrastructure. Cloud Discovery finds resources in major cloud service providers.
Cloud Discovery finds resources in the following cloud providers: Amazon AWS Cloud, Microsoft Azure Cloud, Google Cloud Platform (GCP), IBM Cloud Platform. Cloud Discovery collects the logical datacenters associated with the account, as well as any subaccounts. Collecting information about resources on the cloud is relevant for companies, organizations, and cloud companies providing Platform-as-a-Service solutions.
IP Address Discovery:- Discovery identifies and classifies information about IP addresses.
IP discovery is the process of scanning your network for IP devices through one or several methods like SNMP, ICMP, or neighborhood scanning.
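As an added example (not code from the original post, nor ServiceNow's own), the Python below models the two phases described above with constructed sample data and shows which CMDB attributes each approach can populate, including the stopped-VM and unreachable-host cases. The field names and merge logic are assumptions for illustration.

```python
# Added example (not from the original post): models the two-phase discovery
# described above so the CMDB difference between the approaches is visible.
# All inventory and scan data below is constructed sample input.

CLOUD_INVENTORY = [  # phase 1: VM definitions from the provider API (on or off)
    {"id": "i-0001", "name": "web-1", "vpc": "vpc-a", "dc": "us-east-1a",
     "ip": "10.0.1.10", "state": "running"},
    {"id": "i-0002", "name": "db-1", "vpc": "vpc-a", "dc": "us-east-1b",
     "ip": "10.0.2.20", "state": "stopped"},
    {"id": "i-0003", "name": "batch-1", "vpc": "vpc-b", "dc": "us-east-1a",
     "ip": "10.0.3.30", "state": "running"},
]

IP_SCAN_RESULTS = {  # phase 2: only hosts the MID Server reached and logged into
    "10.0.1.10": {"os": "Ubuntu 22.04", "software": ["nginx"],
                  "connections": [("10.0.2.20", 5432)]},
    # 10.0.2.20 is stopped, so there is nothing to probe.
    # 10.0.3.30 is running but did not answer (no route/credential from the MID).
}


def merge_discovery(cloud_inventory, ip_results):
    """Build CMDB-style records, tagging which phase supplied each attribute
    and recording why runtime data is missing when it is."""
    records = []
    for vm in cloud_inventory:
        rec = {"id": vm["id"], "name": vm["name"], "vpc": vm["vpc"],
               "datacenter": vm["dc"], "ip": vm["ip"],
               "power_state": vm["state"], "sources": ["cloud"]}
        runtime = ip_results.get(vm["ip"])
        if runtime:
            rec.update(runtime)          # OS, software, connections from phase 2
            rec["sources"].append("ip")
        elif vm["state"] != "running":
            rec["gap"] = "powered off: no runtime data can exist"
        else:
            rec["gap"] = "running but unreachable from MID Server: check path/credentials"
        records.append(rec)
    return records


def ip_only_view(ip_results):
    """What a pure IP-based run yields: no VPC/datacenter/instance context,
    and no record at all for hosts that did not answer."""
    return [{"ip": ip, "sources": ["ip"], **data} for ip, data in ip_results.items()]


if __name__ == "__main__":
    for r in merge_discovery(CLOUD_INVENTORY, IP_SCAN_RESULTS):
        print(r["name"], r["sources"], r.get("gap", "complete"))
```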
03-13-2023 11:35 AM
Thanks Sandeep for the quick response. I understand that we would need this 2-step process to get the comprehensive data within the cloud environment.
However, I had one doubt. If we are trying to have a cloud discovery where there is no OOB service account (unlike the OOB Service Accounts for AWS and Azure), and if we want to bring in the device-specific data, can we go for conventional IP-based discovery after installing a MID Server in the cloud environment?