Simply put, network discovery is a communication and identification technique that enables organizations to determine which assets are currently connected to their network. In traditional enterprise networks, these assets include on-premise network equipment such as switches, gateways, modems, wireless access points, and routers.
Since many of the aforementioned network devices also host ARP tables that list other devices connected to the enterprise network, such as laptops, printers, and VoIP handsets, traditional network discovery solutions also provide an accurate inventory of the regular devices that are connected to an organization’s private networks.
Down the road, it is expected that enterprise networks will expand and diversify to include off-premises assets such as public clouds and computing nodes at the network edges. As virtual extensions to enterprise networks such as Azure VNETs, AWS VPCs, and edge cloud nodes with private 5G become more commonplace, modern API-based cloud discovery mechanisms are quickly becoming a valuable extension to the traditional network discovery methods, and a means of enabling centralized and secure management of the various network assets.
The discovery process requires network administrators to communicate with active devices and processes, in order to properly identify them. This communication typically occurs through a combination of three standard protocols.
Besides the traditional network discovery protocols, the cloudification of the enterprise networks has led to increased use of virtual extensions to the enterprise networks. These extensions are typically VPN-connected subnets running in both public and private cloud stacks such as Amazon Web Services, Microsoft Azure, VMware, and various Linux-based systems running at the network edges.
By complementing the traditional network discovery protocols with plug-ins that have been designed to read in network data from these cloud stacks, organizations can enjoy a single pane of glass into all the assets in their hybrid enterprise networks. Collating all the network data into a single Network Source of Truth is also beneficial from the security perspective, as it facilitates the enforcement of unified security policies for all network assets both on- and off-premise.
With automation to ensure accurate and fully configured network/cloud discovery, organizations receive a number of benefits:
FusionLayer Infinity provides a single source of truth for enterprise networks, coupled with built-in discovery functionality for both traditional and cloud-based subnets in hybrid networks. FusionLayer not only reads host data from the ARP tables, but also other information about connected devices, like the ports they are connected to, used VLANs, and device names. This data gives more detailed network information to network engineers than is available in more traditional IP Address Management (IPAM) solutions that lack the built-in discovery functionality.
Using the built-in tools for network/cloud discovery, FusionLayer can also provide host information (such as IP and MAC addresses) for devices that are connected to a network device. The FusionLayer system also allows host data to be read in from existing enterprise DNS, which is very helpful in cross-referencing the hosts in DNS against the devices that have been discovered on the network. This helps network managers see the full picture of their network infrastructure.
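The cross-referencing of ARP-discovered hosts against DNS described above can be sketched as follows. This is an added example, not FusionLayer code: it assumes Cisco IOS-style `show ip arp` output and zone-file-style A records, and the device names, addresses, and hostnames are constructed sample data.

```python
import re
from collections import defaultdict

# Constructed sample: "show ip arp"-style output from two hypothetical switches.
ARP_DUMPS = {
    "sw-access-1": """\
Protocol  Address      Age (min)  Hardware Addr   Type  Interface
Internet  10.0.10.5          12   0011.2233.4455  ARPA  Vlan10
Internet  10.0.10.9           3   00aa.bbcc.ddee  ARPA  Vlan10
Internet  10.0.10.77          -   Incomplete      ARPA
""",
    "sw-access-2": """\
Protocol  Address      Age (min)  Hardware Addr   Type  Interface
Internet  10.0.20.14          1   0011.2233.9999  ARPA  Vlan20
Internet  10.0.10.9           0   00aa.bbcc.0001  ARPA  Vlan10
""",
}
# Constructed sample: A records exported from the enterprise DNS zone.
DNS_ZONE = """\
laptop-17.corp.example.  3600 IN A 10.0.10.5
printer-2.corp.example.  3600 IN A 10.0.10.9
old-nas.corp.example.    3600 IN A 10.0.30.40
"""
MAC = r"[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}"
ARP_ROW = re.compile(rf"^Internet\s+(\S+)\s+\S+\s+({MAC})\s+ARPA\s+(\S+)", re.I)
A_ROW = re.compile(r"^(\S+)\s+\d+\s+IN\s+A\s+(\S+)$")

def parse_arp(dumps):
    """Return {ip: {(mac, device, interface)}}; unresolved entries are skipped."""
    seen = defaultdict(set)
    for device, text in dumps.items():
        for line in text.splitlines():
            m = ARP_ROW.match(line.strip())
            if m:
                ip, mac, iface = m.groups()
                seen[ip].add((mac.lower(), device, iface))
    return seen

def parse_dns(zone):
    # Map each A-record address to its hostname.
    return {m.group(2): m.group(1) for l in zone.splitlines() if (m := A_ROW.match(l.strip()))}

def cross_reference(dumps, zone):
    arp, dns = parse_arp(dumps), parse_dns(zone)
    return {
        "unregistered": sorted(ip for ip in arp if ip not in dns),  # live, no DNS record
        "stale_dns": sorted(n for ip, n in dns.items() if ip not in arp),  # record, no device seen
        "mac_conflict": sorted(ip for ip, s in arp.items() if len({e[0] for e in s}) > 1),
    }
```

An address that appears with different MAC addresses on different switches is worth reviewing, since it can indicate an IP conflict or ARP spoofing.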
To complement the information that has been discovered using the above mechanisms, FusionLayer Infinity can also be integrated with several other technology stacks through the APIs that they provide. These include DNS and DHCP solutions from FusionLayer, Microsoft, and F5; private cloud stacks from VMware and different distributions in the Linux community (Neutron API); as well as popular managed cloud stacks such as Microsoft Azure and AWS.
Thanks to the rich feature set provided by FusionLayer, taking control of your hybrid enterprise network has never been this easy!