Passive Device Discovery
Do you need to know what devices are connected to your network? For example, before a major migration to 802.1x? Without installing a software agent on each device?
Enterprise FreeNAC has a 'network discovery' module, providing automatic documentation and discovery of the different elements that are present in your network.
- Switches are queried for a list of devices currently attached to ports.
- For each port, the port number, last vlan and last used date are stored.
- Routers are queried for active IP/MAC addresses of end-devices.
- DNS is used for name resolution.
- Devices are scanned with 'nmap' to identify the Operating System and open ports.
- Devices can also be identified via the FreeNAC interface to McAfee EPO, Microsft WSUS, or Microsoft SMS, if your organisation has these tools installed.
The network discovery module can be run, even if the VMPS and 802.1x authentications modules are not enabled, i.e. FreeNAC is “passive”.
Even if you are not thinking in deploying FreeNAC for limiting LAN access, this module can prove useful for inventorying devices in the network.