Network Insight is supported on the following physical appliances: ND-800, ND-805, ND-1400, ND-1405, ND-2200, ND-2205, and ND-4005; and the following virtual appliances: ND-V800, ND-805, ND-1400, ND-V1405, ND-V2200, ND-V2205, and ND-V4005. All appliances that perform discovery require a Discovery license. Appliances with this license only perform discovery tasks and do not perform core DNS or DHCP functions.
Discovery appliances that only detect devices and collect device data are called Probes, which are members of the Infoblox Grid, separately dedicated to the tasks of polling and discovery of networks and devices. A separate appliance, called the Consolidator, aggregates and organizes all collected device information from the Probes and synchronizes with the Grid Master. For more information, see Consolidator and Probes.
You can configure supported appliances as the Consolidator and Probes, as illustrated in Figure 15.1. The Consolidator aggregates discovered data it collects from Probes and transfers the data to the Grid Master for device management and reporting purposes.
In the Grid, the Grid Master synchronizes data among all Grid members through encrypted VPN tunnels. Communications between the Consolidator and Probes are also through encrypted VPN tunnels. The default source and destination UDP port number for VPN tunnels in a Grid is 1194. You can use the default port number or change it for VPN communications. Note that all the VPN tunnels in the Grid use the same port number you have chosen.
Figure 15.1 Network Insight Appliances Added as Grid members| Drawio |
|---|
| border | true1 |
|---|
| viewerToolbar | true |
|---|
| fitWindow | falsebaseUrl | https://infoblox-docs.atlassian.net/wiki |
|---|
| diagramName | 15.1 |
|---|
| zoom | 1 |
|---|
| simpleViewer | false |
|---|
| widthpageId | 22250848 |
|---|
| custContentId | 7345644 |
|---|
| lbox | 1 |
|---|
| contentVer | 1 |
|---|
| revision | 1 |
|---|
|
Network Insight appliances use SNMP and other protocols to discover and catalogue a diverse assortment of device types, including the following: routers, enterprise switches, firewalls and security appliances, load balancers, enterprise printers, wireless access points, VoIP concentrators, application servers, VRF-based virtual networks, and end hosts.
Network Insight provides a tool for administrators to gather key information about networks, including the discovery of routed paths and the host clouds behind enterprise switches, even in organizations where an Infoblox deployment already exists. In
Figure 15.2, an appliance running discovery connects to an enterprise router, and uses its information to determine more about the networks that exist deeper within the unmanaged network, termed the discovery domain in this example.
Figure 15.2 Discovery in Action| Drawio |
|---|
| border | true1 |
|---|
| viewerToolbar | true |
|---|
| fitWindow | falsebaseUrl | https://infoblox-docs.atlassian.net/wiki |
|---|
| diagramName | 15.2 |
|---|
| simpleViewer | false |
|---|
width | | zoom | 1 |
|---|
| pageId | 22250848 |
|---|
| custContentId | 7083307 |
|---|
| lbox | 1 |
|---|
| contentVer | 1 |
|---|
| revision | 1 |
|---|
|
As indicated in Figure 15.2, discovery can trace through multiple hops and perform device discovery at every step, filling out the maps of unmanaged networks for the administrator.
The collection of unmanaged network information extends to the networks of distribution Ethernet switches. Data collection also includes end hosts and application/file servers connected to edge switches in enterprise offices. Discovery uses the term assets to describe these devices. For more information, see Viewing Assets Associated with Discovered Devices.
The Probes return discovery data to the Consolidator, which synchronizes device information with the Grid Master. Once information about discovered networks and devices resides on the Grid Master, you can convert unmanaged networks and devices to managed objects, adding them to the NIOS database. For more information, see Managing Discovered Data and About Automatic Conversion Rules.
You can also configure the appliance to send SNMP and email notifications when it discovers unmanaged devices and networks. For information about how to enable SNMP and email notifications for discovered unmanaged objects, see Setting SNMP and Email Notifications. You can also manage these notifications by configuring the maximum number of unmanaged objects the appliance detects before it sends notifications and how often it notifies about these events. For information about how to configure these parameters, see Defining Seed Routers for Probe Members.
You provide one or more routers as seed routers to act as the initial gateways for discovering other networks and their devices in the discovery domain (an example appears in Figure 15.2). You can also use DHCP routers (e.g., routers serving DHCP leases) as seed routers to aid in faster discovery.
When you create new networks, you can optionally provision them onto devices and perform discovery on them. Once you create the network, discovery can locate, poll and catalogue the network devices comprising the networks. This information is then synchronized with the Grid Master. For more information, see Discovering Devices and Networks.
...
