There is a very common protocol that allows you to search for and inventory IT systems in a network. You guessed it right – I’m referring to SNMP (Simple Network Management Protocol). The Docusnap documentation tool supports the current versions of this protocol. Since an SNMP scan covers entire IP ranges, you can ultimately find all IT systems connected to your network. At least those that reply to a ping. For information on how to set up an SNMP inventory, please refer to the Docusnap User Manual.
For an SNMP inventory, it is recommended to define a separate community string, instead of using the default ‘public’ string permanently. For security reasons, IT systems should not respond to this default value. So be sure to carry out a one-time configuration of all your SNMP-enabled IT systems. When doing so, you can at the same time authorize the access to the IT system(s) in your network that may be scanned via SNMP. Sure, this involves a certain effort, but you will benefit from increased security. Using SNMP V3 for your inventory scan indeed involves the highest level of effort, as this version requires specifying a separate authentication for each system. This means a lot of work, but compared to other SNMP scans, V3 provides maximum security.
Do it all in a single step
Since it is possible to scan entire IP ranges using different community strings, there is no restriction on the search for systems, i.e. you can create a single inventory job to scan all systems. This way, you will also detect the devices for which the community string has not been adjusted yet. You can use the Scheduler to set up periodic scans for your IT systems and thus obtain consistent data over time. Provided that a new device has been properly configured at start-up, it will show up accordingly in the Docusnap database.
So you can use Docusnap to detect unwanted IT systems that might exist in your network. Of course, you should make sure that Docusnap never comes across devices unknown to the IT team. By comparing the number of systems found in each inventory scan, you can find out if devices were added since the last scan.
Enter the remaining systems manually
If a particular system cannot be queried via the network, your last resort is to enter its data manually. This might be necessary for a system that is not connected to the network for security reasons or that may not be enabled for automatic inventory. Later, you can always use the same procedure to add these IT systems in the IT Relations and IT Concepts modules.
Make sure that every IT system that exists physically is also maintained in Docusnap. The rule behind this is quite simple: a system which does not exist in the Docusnap database, must not be operational, i.e. only IT systems documented by Docusnap may be productive. If templates and checklists for the configuration of IT systems exist, add this rule to them.