Knowing what's on your LAN is a vital first step towards managing it, but for too many network managers that means hours spent drawing up network diagrams that are out of date before they are even finished.
The alternative approach of using a tool such as HP OpenView to track and manage it all for you is highly attractive, but outside the budget of all but a small proportion.
LANsurveyor offers a middle ground. It automatically builds a map of the network, polling the clients and servers, and also talking to managed switches and hubs to see what's out there. That could mean a lot of saved shoe-leather when it comes to audit time, especially as it can then continuously monitor the network to make sure it stays they way it's meant to be.
As well as producing basic status and inventory data, the program can save network maps in Visio format, and copy lists - of LAN segments or IP addresses, say, or of data change rates for backup risk assessment - to Excel.
Navigating through the network map is a matter of clicking to select which level of detail you want to see - routers only, routers and switches, or all devices - and then drilling down. At level two, click on a switch or router and you can see what's attached to it and on which port, while at level 3 (all devices) it will give you specifics on that PC or server, say.
LANsurveyor starts out by pinging for nodes using ICMP, Netbios and SNMP. It then gathers device information either via SNMP, in particular for devices such as switches and routers, or via the Neon Responder software agent which can be installed on Windows and Mac systems. It can also use Netopia Timbuktu remote control and EMC Dantz Retrospect backup clients, and report SIP-specific data for voice-over-IP phones.
The Neon agent brings back lots more information than SNMP. As well as hardware data for asset management reports, it returns data on the active software processes and the applications installed on a client, allowing LANsurveyor to generate software inventory reports.
LANsurveyor has management capabilities too. It can manage the interfaces on a switch via SNMP, or use the Neon Responder to perform a variety of tasks such as shutting down or restarting a PC, synchronising its clock or sending a message to the PC user's screen. It can even be used to remotely deploy software, as it can send a file and then launch it. There is still no feature to activate wake-on-LAN, however.
Spotting the rogues
A useful security feature is that while it starts out by pinging every possible IP address, LANsurveyor also talks to your managed switches and wireless access points, so if a device connects to the network it will know about it, even if the device is cloaked or firewalled. That gives it a chance of detecting things that an IPS might miss, such as a rogue PC attacking a server attached to the same switch, or a PC being swapped for a wireless AP with a cloned MAC address.
In addition, you can set the software to automatically rescan the network on a periodic basis, adding new or changed devices to a Threat List of potential intruders, and polling existing nodes to check they are still active and responding correctly. Unauthorised or unauthenticated nodes on a managed switch can automatically be disconnected too, by disabling the relevant switch port.
Other security features include TCP port monitoring which can be used to see which systems have which ports open. The result is then checked for compliance with policy, and if a system is running something it shouldn't be or if a service that should be running is actually down, LANsurveyor generates an alert via SNMP traps, pop-ups, email or SMS.
In summary, LANsurveyor is a very good way to keep track of what you've got and what it's connected to, with the added bonus that it can track what's there but shouldn't be, plus what should be there but isn't.
Simple to get started with, not only does LANsurveyor powerfully cover the basics - and more - of network planning, asset management and network security, it also brings auto-discovery and drill-down capabilities.