Configuring the Discovery module

The Discovery module scans the IPv4 address and port ranges configured in your system’s Network Discovery objects. For more information about discovery, see Discovering certificates and keys.

IMPORTANT  You must have the View and Write permissions to the Discovery module.

To configure a Discovery module

  1. From the Platform menu bar, click Policy Tree.

  2. Select the Platforms tree from the Tree drop-down menu.
  3. In the Platforms tree, select the Discovery module.
  4. Configure the Discovery module object settings, and then click Apply.

The following table describes available settings and options for the Discovery module.

Discovery module Configuration Settings

Field

Description

Discovery module

Settings

  

Disabled

Disables the Discovery module.

No discovery scans occur when the Discovery module is disabled.

Connection Timeout

Amount of time (in seconds) that Discovery waits for connection results before making another attempt.

  • Default = 10
  • Minimum = 1
  • Maximum = 300

SSL/TLS Handshake Timeout

Amount of time (in seconds) that Discovery waits for a successful SSL/TLS handshake before making another attempt.

  • Default = 10
  • Minimum = 1
  • Maximum = 300

Pause between connection attempts

Amount of time (in milliseconds) that Discovery waits between connection and handshake attempts.

  • Default = 1

Socket Load

Percentage of available Windows sockets used by the Discovery engine.

  • Default = 90%
  • Minimum = 5%
  • Maximum = 90%

Discovery has the potential to run slower if you don’t give it more resources. To optimize Discovery performance, you can modify the Registry to increase the maximum number of ephemeral ports. For more information, see the following Microsoft Support Document: http://support.microsoft.com/kb/196271.

Processing Window

The Discovery module processes discoveries only during the designated processing times. This means that if you click Run Now to manually run a discovery, the discovery is placed in the discovery queue, but does not run until the designated processing times.

Run Between

Select the time span during which you want this Discovery module to process discoveries.

Run only on

Select the specific days of the week you want this Discovery module to process discoveries.

General Tab

Permissions tab

On the Permissions tab, you select the users or groups to whom you want to grant permissions to the current object. Then, you select which permissions you want the users or groups to have. You can also manage object permissions via parent objects, including the root Platform object or the Trust Protection Platform server object (found in the Platforms tree). . If you configure Permissions in a parent object, those permissions are inherited by all subordinate objects.