Some protocols that Asset Discovery uses require access credentials for authenticated access. Examples are WMI, SSH, and SNMP v3. Without proper credentials, Asset Discovery will not be able to pull configuration details from those devices.
DON'T WORRY ABOUT POTENTIAL MISCONFIGURATIONS. ASSET DISCOVERY DOES NOT CHANGE ANY CONFIGURATION SETTING ON YOUR DEVICES AND WILL WORK FINE WITH READ-ONLY ACCESS RIGHTS.
If supported by the protocol in question, you can deny write access for the account that Asset Discovery uses to probe your devices.
You can set access credentials on three different levels:
- per node (being used as a default for all devices in all networks)
- per network (being used as a default for all devices in one network)
- per device (overwriting any defaults).
All credentials are stored in an encrypted file format, keeping the information confidential.
Node-wide credential settings
In the node configuration settings you can set defaults for WMI, SSH, and SNMP credentials. Clicking on the "..." button will pop up a dialog where you can specify multiple user/password pairs. This is convenient if some devices use different credentials than others. Asset Discovery will then use the second (or third, fourth...) credentials entry to establish a connection. Just note that some SIEMs may view this as a hacking attempt, so you may want to check back with your network department before using multiple credentials.
Don't forget to save your settings by clicking "Set" at the bottom of the details pane.
Network-wide credential settings
You can also specify credentials by network, which is particularly useful if endpoints in one network use shared credentials that differ from those used in other networks. Any credentials that you specify for a network will override global credentials (for the Asset Discovery node) that you may have set.
When intending to use network specific settings, make sure to select "network setting" instead of "global setting" for the network in question.
In order to set network-specific credentials, select a network in the object table. In the details pane, select "Probing" in the drop-down menu and make the appropriate changes. For WMI and SSH you also have to select "network setting" in the "Credentials" field. Finally, save your credentials by clicking "Set" at the bottom of the pane.
Device-specific credential settings
If node-wide and network-wide credentials need to be overwritten for a device, you can do so by using the following procedure:
- Select the device in the object table
- In the drop-down menu in the details pane, select "General"
- Specify the access credentials for this device
- Save the settings by clicking "Set" at the bottom of the pane