2.4 Discovering Unmanaged Assets in Your Environment

Available only in the Windows console.

Discovered systems are computers that Core Services is aware of, but that have not been added to the Secure Configuration Manager asset map. You can manually initiate the discovery process in the Windows console or enable Secure Configuration Manager to automatically discover systems on a scheduled basis. You can also discover unregistered endpoints on systems that you currently manage. For more information about discovering endpoints, see Discovering Endpoints on Managed Assets.

To enable discovery and specify the domains that you want to search, update the settings on the Discovery tab in the Core Services Configuration Utility. By default, Windows domain discovery is enabled, which lets Secure Configuration Manager find systems in the local domain of the Core Services computer. However, when searching the specified Windows or DNS domains, Core Services might categorize some discovered systems as an unknown asset type. To discover only computers that run a Windows operating system, NetIQ Corporation recommends using Active Directory discovery.

Once you have discovered systems in your environment, you can register them with Core Services and begin managing them. You must either deploy an agent to the discovered system to manage the asset, or use an agent on another asset to manage the endpoints by proxy. For more information about adding discovered systems to your asset map, see Section 3.0, Managing Your Assets.

NOTE:

  • Secure Configuration Manager cannot discover systems with IPv6-only addresses using the Windows domain discovery function. If you want to find systems with IPv6-only addresses, ensure that the systems are in an Active Directory or DNS domain and that these domains are enabled on the Discovery tab in the Core Services Configuration Utility.

  • When Secure Configuration Manager discovers an IPv6-only system in a DNS domain, Discovered Systems might display an older IPv4 address for that computer. This happens when the computer was changed from dual-stack to IPv6-only and its old IPv4 record was never deleted from the WINS server, so the stale address is still returned during discovery.

Your console user account must have proper permissions to discover systems. For more information about permissions, see Managing Permissions.
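Because unmanaged systems are a compliance blind spot, it is worth cross-checking the Discovered Systems list against an independent source. The following PowerShell script is an added example, not part of Secure Configuration Manager or the NetIQ documentation. It enumerates enabled computer accounts from Active Directory, resolves each name with DNS only (so no WINS or NetBIOS answers can supply a stale IPv4 address), flags IPv6-only hosts that Windows domain discovery cannot find, and lists hosts missing from the asset map. It assumes the RSAT ActiveDirectory module is installed and that the asset map has been exported to a CSV with a `Name` column; the file path and column name are hypothetical.

```powershell
# Added example: independent cross-check of discovery results against Active Directory and DNS.
# Not part of Secure Configuration Manager. Assumptions: RSAT ActiveDirectory module present;
# asset map exported to a CSV with a 'Name' column (path and column name are hypothetical).
param(
    [string]$AssetMapCsv = 'C:\Temp\scm-asset-map.csv',   # hypothetical asset map export
    [string]$SearchBase  = ''                            # defaults to the current domain root
)

Import-Module ActiveDirectory
if (-not $SearchBase) { $SearchBase = (Get-ADDomain).DistinguishedName }

# Host names already in the asset map, normalised to upper-case short names.
$managed = Import-Csv -Path $AssetMapCsv |
    ForEach-Object { ($_.Name -split '\.')[0].ToUpperInvariant() }

$report = foreach ($c in Get-ADComputer -Filter 'Enabled -eq $true' -SearchBase $SearchBase `
                                        -Properties DNSHostName, OperatingSystem) {
    $fqdn = if ($c.DNSHostName) { $c.DNSHostName } else { $c.Name }

    # Query A and AAAA separately, and DNS only: -DnsOnly skips the hosts file, LLMNR and
    # NetBIOS/WINS, so a stale IPv4 WINS record cannot masquerade as a live address.
    $a    = Resolve-DnsName -Name $fqdn -Type A    -DnsOnly -ErrorAction SilentlyContinue |
            Where-Object QueryType -eq 'A'
    $aaaa = Resolve-DnsName -Name $fqdn -Type AAAA -DnsOnly -ErrorAction SilentlyContinue |
            Where-Object QueryType -eq 'AAAA'

    [pscustomobject]@{
        Name       = $c.Name
        FQDN       = $fqdn
        OS         = $c.OperatingSystem
        IPv4       = ($a.IPAddress -join ',')
        IPv6       = ($aaaa.IPAddress -join ',')
        IPv6Only   = (-not $a) -and [bool]$aaaa        # Windows domain discovery will miss these
        InAssetMap = $managed -contains $c.Name.ToUpperInvariant()
    }
}

# Unmanaged hosts are the gap to close; IPv6-only ones additionally need AD or DNS discovery enabled.
$report | Where-Object { -not $_.InAssetMap } |
    Sort-Object IPv6Only -Descending |
    Format-Table Name, OS, IPv4, IPv6, IPv6Only -AutoSize
```

Run it from a console account that can read computer objects in the target domain. Any host it lists that does not appear under Discovered Systems indicates either a discovery scope that excludes it (for example, a Windows or DNS domain not enabled on the Discovery tab) or an IPv6-only system that requires Active Directory or DNS discovery rather than Windows domain discovery.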

2.4.1 Manually Discovering Unmanaged Assets

To initiate a manual discovery process, right-click Discovered Systems in the Discovered Systems navigation pane. By default, Secure Configuration Manager searches for all systems in the local domain. However, you can configure Core Services in the Core Services Configuration Utility to discover systems in specific DNS and Windows domains. The manual discovery process can also find systems in Active Directory, if you enable that functionality in the configuration utility. For more information about these settings, see the Help for the Core Services Configuration Utility.

2.4.2 Automatically Discovering Unmanaged Assets

Secure Configuration Manager can run processes in the background that enable you to automatically discover systems that have been added to your environment, as well as gather information about existing systems and endpoints. These processes can be triggered by registering endpoints and agents, as well as by running scheduled jobs.

When you register or re-register a UNIX or Windows operating system endpoint, Secure Configuration Manager can run the following types of queries:

  • The first query gathers more information about the endpoint and its agent. For example, the query reports the fully qualified domain name for the agent computer, which is useful for agent deployment. This query occurs regardless of any configuration settings for discovery. Core Services uses the reported results to update the Properties fields for the agent and endpoint.

  • A more in-depth query scans UNIX and Windows endpoints for additional, unmanaged applications such as Internet Information Services (IIS), Microsoft SQL Server, and Oracle. This in-depth query occurs only when you enable Application Endpoint Discovery in the Core Services Configuration Utility. Core Services uses the reported results to update the Properties fields for the endpoint, such as the protocol and authentication mode for an instance of SQL Server. For more information about application endpoint discovery, see Discovering Endpoints on Managed Assets.

  • If the Windows agent is also a Deployment Agent, Core Services instructs the agent to query Active Directory in the agent’s domain to find computers not currently managed by Secure Configuration Manager. This query occurs only when you enable Active Directory Discovery in the Core Services Configuration Utility. For more information about Deployment Agents, see Deploying Windows Agents to the Managed Assets.

These queries run in the background. To view results, you might need to refresh the Discovered Systems pane or view the Audit History. Secure Configuration Manager adds a notification in the Alerts content pane when Core Services discovers a new endpoint, system, or domain.

Secure Configuration Manager includes built-in jobs that perform discovery queries similar to the discovery during asset registration. One of these jobs can continuously scan your environment for unmanaged endpoints. For more information about scheduled jobs for discovery, see Scheduling the Discovery Process.

2.4.3 Scheduling the Discovery Process

Secure Configuration Manager provides the following scheduled jobs that enable you to easily discover unmanaged systems and endpoints:

Automatic system discovery

Enables you to regularly scan your environment for unmanaged systems, based on the settings for Windows, Active Directory, and DNS discovery in the Core Services Configuration Utility. This job is disabled by default. For more information about system discovery, see Automatically Discovering Unmanaged Assets.

Asset details and discovery

Enables you to gather information about the agents on currently managed UNIX and Windows endpoints. With Application Endpoint Discovery enabled in the Core Services Configuration Utility, this job also scans UNIX and Windows endpoints for additional unmanaged applications, such as Internet Information Services (IIS), Microsoft SQL Server, and Oracle.

This job runs continuously, using the NetIQ Endpoint Discovery and Agent Configuration policy template as the query basis. Each run queries 100 endpoints, and runs continue until every endpoint in your asset map has been checked. The job is on a 30-day schedule: Core Services does not restart the cycle until 31 days after the previous start, even if all assets were checked before the 30-day window ended. Core Services starts each cycle with the endpoints that have the oldest last-run date for the template. If you manually register an endpoint, Core Services marks that endpoint as queried, as if the job had run against it that day. If you manually run the NetIQ Endpoint Discovery and Agent Configuration policy template against a group of endpoints, Core Services records that run as the most recent run of the job for those endpoints.

This job is enabled by default. You can verify job runs in the Audit History pane. Secure Configuration Manager adds a notification in the Alerts content pane when Core Services discovers a new endpoint or system. For more information about endpoint discovery, see Discovering Endpoints on Managed Assets.