How many network segments can Nodeware monitor?
Nodeware supports monitoring of 1024 address space, which can be defined as up to 4 network segments. These can be traditional subnets or ranges within a larger network.
What is Nodeware Pathfinder?
Nodeware Pathfinder is a patent-pending technology that is included in all Nodeware licenses. It breaks the barrier of traditional subnet boundaries, allowing device identification, fingerprinting, and vulnerability scanning over Layer 3 (IP) networks, provided they meet certain requirements.
To function properly, Nodeware must have full visibility into the adjacent subnet without traffic filtering and have a low latency connection. Because of this, scanning over VPNs, especially geographically separated locations, is not recommended. Traffic restrictions and high latency can cause a drop in accuracy in both device identification and vulnerability scanning.
Pathfinder technology allows one Nodeware Sensor appliance to cover up to 4 segments that may be logically separated into groups, such as desktops, servers, and WiFi subnets. With this breakthrough, Nodeware is an even better fit for small to medium businesses without advanced configuration.
What is required to monitor another subnet on my network?
Nodeware is capable of monitoring link-local (MAC) networks as well as those separated by a Layer 3 switch or router (IP routing), provided it has the correct permissions.
Nodeware joins a network as a member, meaning it is distinct from the network control devices and not in the flow of traffic. As such, Nodeware requires that the network connection given has visibility into any segments you wish to add. A simple way to test this is from another machine in the same switch and subnet to attempt to ping or connect to a machine in the other subnet.
If any filtering is applied, including restricting certain types of traffic, this may impact results of scans, from not identifying new devices, to incorrect or incomplete fingerprints, or inaccurate vulnerability scans. If possible, the Nodeware Sensor appliance should be exempted from any such traffic restrictions and/or the network port should be configured to allow proper visibility.
Can Nodeware monitor my remote location over a site-to-site VPN?
It is not recommended to use Nodeware across VPNs for several reasons, primarily the additional latency a VPN connection introduces between a Nodeware Sensor and the target machines. Network monitoring and vulnerability scanning are dependent on timing and introducing lag can produce incomplete or inaccurate results.
Nodeware is designed to be flexible and gather data from multiple Nodeware Sensors, that can be rolled into a single dashboard or report. It is best practice to deploy at least one Nodeware Sensor appliance to each physical location, dependent on how large an address space you are looking to monitor.
NOTE: Nodeware however can be used across a VPN connection if the following exists.
The remote machine obtains its IP address from the host end of the VPN connection / Or the IP address is statically assigned with it's Gateway address set to the host side of the network.