What is network discovery?

Effective network discovery allows businesses to identify devices wherever they are, and use service mapping to understand the service context.

When devices are interacting over a network—whether it be on-premises, in the cloud, or a hybrid network incorporating both options—network discovery lets them connect and communicate effectively. System administrators can locate devices on a large network and gain better control of their infrastructure, enforce improved device-access policies, and create device inventories. Network Discovery finds computers, servers, printers, and a variety of IP-enabled devices, as well as the applications that run on them.

Network discovery graphic.

Network discovery provides the opportunity to create network maps that improve visibility into the way that hardware is connected in an enterprise’s network. A kind of network discovery known as horizontal discovery scans your network, finds computers and devices, and then populates the CMDB with any discovered infrastructure and applications, which are also known as Configuration Items (CI).

Horizontal discovery creates direct relationships between CIs, such as a runs on relationship between an application CI and the actual computer CI that it runs on. Horizontal discovery is not aware of business services and does not create relationships between CIs based on the business service they are in. Network discovery software helps IT teams of all sizes manage an influx of IT resources that connect to the network, and have better control over them.

Network discovery in hybrid deployments

While traditional on-premises and cloud networks may incorporate a range of devices and applications, hybrid network solutions can be even more complex. Organizations that rely on combinations of virtual, wired, wireless, and cloud networks create a unique network topography in which identifying the root causes of issues can become extremely difficult. Network discovery in hybrid deployments helps identify vital network connections, so IT teams can troubleshoot and resolve bottlenecks that might be negatively impacting organization operations.

IT teams require visibility into their network in order to fulfill their respective duties—they may not be able to understand the relationship between devices and how they communicate with each other when network discovery is not in play. When networks experience downtime, network discovery provides response teams with relevant data, allowing them to more quickly identify and address the issue.

Hybrid networks, such as virtual, wired, and wireless networks can complicate a network topology and make it difficult for IT teams to identify any root causes when an incident or issue occurs. And, as digital operations continue to increase in scale, networks are also beginning to change in terms of layout. BYOD policies and increased dependency on smart technology mean that employees are adding personal devices to the workplace. As such, monitoring basic health metrics is no longer a usable baseline—businesses must be able to use network discovery tools to have visibility of all internal activity.

Cybersecurity is also aided by network discovery, as invalid IP addresses can be identified as a sign of a malicious device that is carrying malware. IT and Security teams may use network discovery to run regular scans to identify any threats that might be sitting quietly on a network, poised for attack.

Network discovery can further improve security by helping teams identify open ports on connected devices, and inform decisions regarding which ports do and do not need to be open for business operations to run effectively.

There are three delivery protocols that IT teams use to find and track devices on the network: Simple Network Management Protocol, Link Layer Discovery Protocol, and ping.

Simple Network Management Protocol (SNMP) lets IT teams gather and organize data about devices on a network. Link Layer Discovery Protocol (LLDP) is vendor-neutral, and transmits device information to a directly-connected device during regular intervals. Pings are a software utility that lets teams test the reachability of a device on an IP network—they send an Internet Control Message Protocol (ICMP) to a connected device, and measures the time that it takes to receive an answer.

An agent-based discovery places an “agent” on each target system for discovery that runs a piece of code on the target, “calls home” to a central server, and reports back what it found. Agents are hosted locally, and are capable of gathering and storing performance and availability metrics from servers, computers, virtual machines, operating systems, and many network devices and applications. While agents are often deployed manually (either by physically installing them on each target machine or by remote installation), some may be installed using mass deployment technologies.

Agentless network discovery does not require a client installed at the end point in order to gather information about the asset. It gathers all of the data remotely from a central tool run on a server. Agentless discovery eliminates the need for time-consuming manual deployment, but because they do not reside on the machines themselves, they may be more limited in terms of what kind of data they have access to. Agentless monitors depend heavily on available network resources, and may be affected by network issues, such as latency, packet loss, or poor connections.

Network discovery not only allows an IT team to see other devices, but it also allows them to communicate with the device—for instance, printing something without a connected cable. Another advantage is that you can transfer files between devices directly over the Wi-Fi rather than using the internet, or relying on manual transfer.

A primary disadvantage is that data transmitted between connected devices could be intercepted by a third-party. Network discovery opens the opportunity for hackers to “sniff” a network and intercept something that is being transmitted.

Network discovery software utilizes processes to help teams understand their network layout. Discovery protocols that are applied can collect information about virtual computers and networks, software on a network, hardware on a network, and the logical and physical relationship between network assets.

The tool works by automatically gathering data using IP scanes, ping sweeps, and polling devices with SNMP monitoring, which works more rapidly and effectively than manual gathering.

Capabilities that scale with your business

Foresee problems before they arise with ServiceNow.