Scenario: Discovering networked devices
You must perform device discovery before the initial deployment of the security applications. When all networked devices are discovered, you can get information about them and manage them through policies. Regular network polls are needed to discover if there are any new devices and whether the previously discovered devices are still on the network.
When you complete the scenario, device discovery is set up and will be conducted according to the specified schedule.
Prerequisites
In Kaspersky Security Center Cloud Console, device discovery is performed by distribution points. Before you start, do the following:
- Decide which devices will act as distribution points.
- Install Network Agents on the devices that you chose.
- Manually assign the devices to act as distribution points.
Stages
The scenario proceeds in stages:
- Choosing types of discovery
Decide which type(s) of discovery you want to use regularly.
- Configuring polls
In the properties of each distribution point, enable and configure the types of network polling that you chose: Windows network polling, domain controller polling, or IP range polling. Make sure that the poll schedule meets the needs of your organization.
If networked devices are included in a domain, it is recommended to use domain controller polling.
- Setting up rules for adding discovered devices to administration groups (optional)
If new devices appear on your network, they are discovered during regular polls and are automatically included in the Unassigned devices group. If you want, you can set up the rules for automatically moving these devices to the Managed devices group. You can also establish retention rules.
If you skip this rule-setting step, all the newly discovered devices go to the Unassigned devices group and stay there. If you want, you can move these devices to the Managed devices group manually. If you move the devices to the Managed devices group manually, you can analyze information about each device and decide whether you want to move it to an administration group, and, if so, to which group.
When a network polling operation is complete, check that the newly discovered devices are arranged according to the configured rules. If no rules are configured, the devices stay in the Unassigned devices group.