CA Client Automation

Expand all | Collapse all

Using dmsweep to scan network IP range - help

Jump to Best Answer
  • 1.  Using dmsweep to scan network IP range - help

    Posted 10-09-2015 09:02 AM

    Hi everyone.

     

    I have the following ITCM design:

     

    - 1 Domain Manager Server (DM) on DMZ Lan (lan segment);

    - 1 Scalability Server (SS) on MONITORING Lan (lan segment);

    - Many itcm client agents installed on servers on another lan segment:

     

     

    (DM on dmz lan) ----- firewall ----- (SS on monitoring lan)

                                        |

                                        |

                       (clients agents other lan segment)

     

    I'm using dmsweep to scan my networks and I'm using dmsweep from DM server (start a scan from DM server on dmz lan).

    My main problem is that the traffic flow between lan segments:  DMZ -> clients agents lan segment is NOT ALLOWED (for security reasons).   

     

    Is there a way to start a scan from Scalability Server? Traffic between monitoring lan - clients agents lan is allowed.

     

    Regards,

     

    Nelson



  • 2.  Re: Using dmsweep to scan network IP range - help

    Posted 10-13-2015 10:35 AM

    HI Nelson

    You are going to have to have communication between the agent targets for the scan using dmsweep this functionality is the same as what is run behind the scenes when deployment wizard is run which you know does require the open ports to function correctly.

    Many clients open the ports on a temp basis for the dmsweep and then close them up. Then you should be able to deploy agents from the staged agent packages from the scalability server. Please refer to the implementation guide for more details on this topic especially the required ports that would need to be opened.

    Hope this is helpful

    Thanks

    Joe



  • 3.  Re: Using dmsweep to scan network IP range - help
    Best Answer

    Posted 10-13-2015 04:57 PM

    Code exists to do this but it is only delivered as part of the SERVER automation product, not Client Automation (even though I’m told the code is actually owned by the client auto team!).

     

    Please open an IDEA to request that this code (known as IDManager) be included in the Client Auto media so that Client Auto users can install and use it on Scalability Servers.

     

    You can also possibly request from product management that this code be made available to you now. This has been done at other sites. I would suggest you open a support issue for this.

     

    Steve McCormick, ITIL

    CA Technologies

    Principal Services Consultant

    Tel: +1-731-676-4223

    Stephen.McCormick@ca.com

    <mailto:Stephen.McCormick@ca.com>



  • 4.  Re: Using dmsweep to scan network IP range - help

    Posted 10-13-2015 05:11 PM

    Please drop me an email on this parst04@ca.com