LAN Watch uses an existing VSA agent on a managed machine to periodically scan the local area network for any and all new devices connected to that LAN since the last time LAN Watch ran. These new devices can be workstations and servers without agents or SNMP devices. Optionally, the VSA can send an alert when a LAN Watch discovers any new device. LAN Watch effectively uses the agent as a proxy to scan a LAN behind a firewall that might not be accessible from a remote server.
Using Multiple Machines on the Same LAN
Typically, you do not have to run a LAN Watch on more than one machine in a scan range. Some reasons to do a LAN Watch on multiple machines within the same scan range include:
Using the Same Operating System for Discovery and Agent Installs
Windows, Macintosh, and Linux agents can discover Windows, Macintosh, and Linux machines on the same LAN using LAN Watch. Agent > Install Agents can only install agents on:
Note: Macintosh agent install packages require a credential when using Agent > Install Agent, or when installing agents using the /s "silent install" switch.
Note: For Linux machines, the
LAN Watch and SNMP
The LAN Watch discovery machine issues the SNMP requests to the SNMP devices it discovers on the same LAN. So you must run LAN Watch first to have access to SNMP-enabled devices using the VSA.
To include SNMP devices in the discovery scan performed by LAN Watch:
Click Schedule to display the Scheduler window, which is used throughout the VSA to schedule a task. Schedule a task once or periodically. Each type of recurrence—Once, Hourly, Daily, Weekly, Monthly, Yearly—displays additional options appropriate for that type of recurrence. Periodic scheduling includes setting start and end dates for the recurrence. Not all options are available for each task scheduled. Options can include:
Click Cancel to stop the scheduled scan. Cancel also deletes all records of the devices identified on a LAN from the VSA. If you re-schedule LAN Watch after clicking Cancel, each device on the LAN is re-identified as though for the first time.
Scan IP Range
Set the minimum and maximum IP addresses to scan here. Selecting a machine ID to scan, by checking the box next to that machine's name, automatically fills in the minimum and maximum IP range based on that machine's IP address and subnet mask.
Note: LAN Watch does not scan more than 2048 IP addresses. If the subnet mask of the machine running LAN Watch specifies a larger IP range, LAN Watch limits it to 2048 addresses. LAN Watch only detects addresses on the local subnet to the machine you run LAN Watch from. For example, with a subnet mask of 255.255.255.0, there can be no more that 253 other devices on the local subnet.
If checked, scan for SNMP devices within the specified Scan IP Range.
Read Community Name / Confirm
LAN Watch can only identify SNMP devices that share the same SNMP Community Read value as the managed machine performing the LAN Watch. Enter the value in the Read Community Name and Confirm text boxes.
Note: Community names are case sensitive. Typically the default read community name value is
Windows only. If checked, identify vPro-enabled machines within the specified Scan IP Range. A machine does not need to be a vPro machine to discover vPro machines using LAN Watch. If a vPro machine is used as the LAN Watch discovery machine, it cannot discover itself.
Note: vPro configuration is a prerequisite to using this feature. Refer to the latest Intel documentation for information on how to configure vPro. At the time of this writing, the following link leads to the Intel documentation: http://communities.intel.com/community/openportit/vproexpert.
Username / Password / Confirm
Enter the appropriate vPro credentials to return hardware asset details about vPro machines discovered during the LAN Watch. Typically the same credentials are defined for all vPro machines on the same LAN. The results are displayed using Agent > View vPro.
Note: vPro-enabled machines with a vPro credential can be powered up, powered-down or rebooted using Remote Control > Power Management.
If Enable Alerts is checked and a new device is discovered by LAN Watch, an alert is sent to all email addresses listed in Email Recipients. LAN Watch alerts and email recipients can also be specified using the Monitor > Alerts page.
Note: Machines that have not been connected to the LAN for more than 7 days and then connect are flagged as new devices and will generate an alert.
If alerts are enabled, enter the email addresses where alert notifications are sent. You can specify a different email address for each managed machine, even if it is for the same event. The From email address is specified using System > Outbound Email.
Ignore devices seen in the last <N> days
Enter the number of days to suppress alerts for new devices. This prevents creating alerts for devices that are connected to the network temporarily.
If checked and an alarm condition is encountered, an agent procedure is run. You must click the select agent procedure link to choose an agent procedure to run. You can optionally direct the agent procedure to run on a specified range of machine IDs by clicking this machine ID link. These specified machine IDs do not have to match the machine ID that encountered the alarm condition.
Skip alert if MAC address matches existing agent
Checking this box suppresses alerts if the scan identifies that the MAC address of a network device belongs to an existing managed machine with an agent on it. Otherwise a managed machine that was offline for several days and comes back online triggers an unnecessary alert during a LAN Watch.
These icons indicate the agent check-in status of each managed machine. Hovering the cursor over a check-in icon displays the agent quick view window.
Online but waiting for first audit to complete
Agent online and user currently logged on.
Agent online and user currently logged on, but user not active for 10 minutes
Agent is currently offline
Agent has never checked in
Agent is online but remote control has been disabled
The agent has been suspended
The list of Machine.Group IDs displayed is based on the Machine ID / Group ID filter and the machine groups the user is authorized to see using System > User Security > Scopes.
IP Range Scanned
The IP addresses that are scanned by the selected machine ID when LAN Watch runs.
This timestamp shows when the last scan occurred. When this date changes, new scan data is available to view.
Windows only. If a primary domain controller icon displays, this machine ID is a primary domain controller. If checked, performing a scan on a primary domain controller running Active Directory enables you to "harvest" the users and computers throughout a domain. You can subsequently install VSA agents automatically on computers listed in Active Directory and create VSA users and VSA users based on Active Directory administrator credentials. See View AD Computers and View AD Users.
If the SNMP icon displays, SNMP devices are included in the scheduled scan.
Windows only. If the vPro icon displays, vPro machines are included in the schedule scan.
If checked LAN Watch alerts are enabled for this scan.
Topic 398: Send Feedback. Download a PDF of this online book from the first topic in the table of contents. Print this topic.