...

Architecture – Netscan

Estimated reading: 3 minutes

Introduction

Almaden NetScan is a plug-in for the ADA Module that can search for active IP addresses and retrieve configuration data from them. This data is periodically collected and automatically, along with other samples from ADA.

One of the most important features of NetScan is determining the exact number of machines in your company’s network. It scans the network and provides the total number of machines within the company’s network and identifies which machines do not yet have the Almaden agent installed.

Prerequisites

  • ADA must be installed for the product to function.
  • You must have System Administrator privileges on the applicable operating systems.
  • The host must be powered on at least once within the defined period to search for active IP addresses. You will need to select the IP address range(s) for the scan.

Topology

image 6 Architecture - Netscan

Data Collection Process

  • The plug-in sends a ping to the specified IP address or range.
  • If the ping fails, it attempts to gather information via NetBIOS.
  • If NetBIOS fails and the “Use SNMP” option is enabled, the plug-in attempts to retrieve information using SNMP.
  • If SNMP also fails, the plug-in tries to extract data using reverse DNS lookup, identifying the hostname from the machine’s IP address.
  • If all attempts fail, the computer will not be added to the collection.

NOTE: If NetBIOS fails, SNMP can only collect data remotely if the target machine has the SNMP agent installed. The user should be aware that enabling SNMP may increase the duration of the data collection process.

Additional Configuration Options

  • “Desktop/Server”: You must choose one of these options to classify all machines within the scanned IP range as either “Desktops” or “Servers.” The default option is “Desktop.” After selecting this, you can edit it later . This may transfer backlog from desktop to server. A confirmation message will be displayed before proceeding.
  • “Ping each IP before scanning”: When enabled, this option ensures that the NetScan plug-in contacts each IP address before scanning it for configuration data. If the contact attempt fails, the machine will not be scanned.
  • “Include non-Windows Machines”: Enable this option if you want to scan for non-Windows machines as well. Any type of machine (Unix/Linux) can be detected, provided that Samba Server is correctly installed and configured. This option is only available when “Ping each IP before scanning” is selected.

Protocols

SNMP v2 (Simple Network Management Protocol v2):

  • UDP 161: Default port for SNMP (used for queries and commands).

NBTSTAT (NetBIOS over TCP/IP):

  • UDP 137: Port for NetBIOS name resolution.
  • UDP 138: Port for NetBIOS datagrams (data broadcasts).

PING (ICMP – Internet Control Message Protocol):

SMB (Server Message Block):

  • TCP 445: Port used for SMB over TCP/IP (commonly used for file sharing).
Almaden Netscan Architecture - Netscan
Next - Architecture – Plugins Architecture – Distribuition Wizard (ADW)

Recently Viewed articles

Share this Doc

Architecture – Netscan

Or copy link

Table of Contents
Scroll to Top