Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.

searching engine in Client Deployment Wizard

Created: 16 May 2013 | 8 comments

Found there are two ways to find out unmanaged computers. One is unmanaged detector, the other is client deployment wizard. In client deployment wizard, click Search Network -> Find computers -> IP address range. The result include managed/unmanaged SEP clients and some other network devices,like router. How the searching engine work? according to ping and nslookup result?
There is an article says the searching result by Client deployment wiard, also can be found in DB sem5 dbo.network_scan_result. Does it mean the searching engine is working automatically and record the search result into DB on schedule?

Operating Systems:

Comments 8 CommentsJump to latest comment

pete_4u2002's picture

you can exclude the printers and routers from unamanaged detector.

searched results are stored in this table.

SymQNA's picture

Hi My questions focus on "How does the searching engine in Client Deploymentwizard work? according to ping and nslookup result?" and "Does searching engine work automatically and record the search result into DB on schedule?" Seems I cannot find answer from your posts. Thanks

pete_4u2002's picture

this should answer ytour questin

When a device starts up, its operating system sends ARP traffic to the network to let other computers know of the device's presence. A client that is enabled as an unmanaged detector collects and sends the ARP packet information to the SEPM. This management server searches the ARP packet for the device's MAC and IP address. The server compares these addresses to the list of existing MAC and IP addresses in the server's database. If the server cannot find an address match, the server records the device as new. You can then decide whether the device is secure. Because the client only transmits information, it does not use additional resources.

You can configure the unmanaged detector to ignore certain devices, such as a printer. You can also set up email notifications to notify you when the unmanaged detector detects an unknown device.

NOTE: In order to act as an unmanaged detector, SEP clients must have Network Threat Protection (NTP) enabled and be in Computer Mode. User Mode clients or clients without the firewall component (NTP) cannot act as unmanaged detectors.

http://www.symantec.com/business/support/index?page=content&id=TECH105722

SymQNA's picture

Hi Pete_4u2002,

But it is the techinical info of Unmanaged detector. What I what to know is how the searching engine in Client Deployment wizard works. It is different technique. As I know that unmanaged detector is better than Client Depolyment wizard, because searching engine in Client Deployment wizard cannot detect client with Firewall enabled. That is why I want to know how it works. Appreciated if you can find an answer.

pete_4u2002's picture

can you post the screenshot for the information you looking at? is it pushing the client package or searching the client for pushing the package?

raju123's picture
About client deployment methods
Article:HOWTO55088  |  Created: 2011-06-29  |  Updated: 2011-12-17  |  Article URL http://www.symantec.com/docs/HOWTO55088
 
Deploying clients by using Remote Push
Article:HOWTO55065  |  Created: 2011-06-29  |  Updated: 2011-12-17  |  Article URL http://www.symantec.com/docs/HOWTO55065
pete_4u2002's picture

its basically ICMP pingout time to look for clients for deploying the client package.