VMware VCENTER APPLICATION DISCOVERY MANAGER 6.1.1 - RESPOSITORY, Руководство пользователя

Страница: 46 / 74

ADM User’s Guide
46 VMware, Inc.
Limitations
VI ‐ SDK does not expose some information and therefore ADM cannot discover some CIs. Specifically, the
following CIs will not be discovered through VI ‐ SDK:

Services

Configuration files

License files

Installed software

Operating system kernel related information (For Example, kernel version)
Discovering Dependencies with Detail Discovery
This section provides the necessary information to decide the method to discover dependencies and to
configure Detail Discovery to discover dependencies.
ADM Dependency Discovery Methods
Discovering dependencies is done through ADM using either of the following methods: Passive and Detail
Discovery together or only using Detail Discovery.
Passive Discovery assumes that a packet represents a dependency between two hosts, for example, there’s
most likely a good reason that host A sent a packet to host B. The shortcoming of this assumption in Passive
Discovery might not identify the service on the client ‐ side of a connection (client ‐ server communication
usually contains much more information on the server side than on the client side) correctly. As a result, ADM
might rely on Passive Discovery for discovering dependencies, while leveraging Detail Discovery to correctly
identify the service on the client side of the connection.
However, some clients have regulatory, business, or infrastructural barriers that prevent them from using
Passive Discovery. To penetrate these clients, ADM allows you to correctly identify dependencies using Detail
Discovery only, without relying on Passive Discovery.
The Process of Dependency Discovery Using Only Detail Discovery
To discover dependencies using Detail Discovery, ADM must leverage the capabilities exposed to it by the
protocol it uses to connect remotely to the interrogated host. ADM uses a cross ‐ platform and widely supported
program called netstat for remote shell protocols (for example, SSH and Telnet) and WMI. Since WMI does not
expose any port ‐ related information, netstat is used to run commands on the target Windows machine. With
SNMP, ADM interrogates a standard MIB2 table that exposes information about open TCP connections and
ports used by applications and services running on the interrogated host. ADM then uses heuristics to guess
the protocols used by those connections.
Table 5 ‐ 2 describes what ADM discovers about dependencies and how.
N
OTE
ADM uses heuristics to guess the protocols only for ports that are lower than 512.
Table 5-2. Dependency Discovering Methodology
What How
Discover the open connections that the
interrogated host has to other hosts on the
network (much like passive).
By querying the services exposed by the ADM protocol, as described
previously.
For each of those open connections, discover
the service that is using the connections.
ADM finds the process ID (PID) of the services running on the host, and
matches up that PID with the PID of each open connection.
Note: There is a limitation with some major OS platforms (SunOS, AIX,
and HP ‐ UX) for which netstat is unable to retrieve PID information. On
these platforms, this capability is disabled.