Account > Audit > Network radio button
Sites > open a site > Audit > Network radio button
About network nodes and network discovery
Adding devices to your Datto RMM account manually can be time-consuming, however, if one of your fully Managed devices is designated as a network node device, it can discover devices on the network for you during audit. For information on how often an audit is performed, refer to Frequency of audits.
The discovered devices will be displayed under the Audit > Network radio button and you can add them as Managed network devices to your account and then start monitoring them through the designated network node.
By default, Agents in Datto RMM do not interrogate the local network for devices that are capable of being managed. In order to find those, you’ll need to assign a single device, which has a Managed Agent installed, as a network node. It is recommended that this is a device that has a high uptime, for example, a server.
- Only desktops, servers, and laptops with up-to-date audit information may be nominated as network nodes.
- The following operating systems are supported: Windows, macOS, Linux. For more information on the supported versions of these operating systems, refer to Supported operating systems and Agent requirements.
Linux network nodes are not able to perform network scans. Manual network device enrollment must be used when using exclusively Linux network nodes. Refer to Enroll an SNMP-enabled device.
- For information about network node requirements for ESXi monitoring, refer to Network node requirements for ESXi monitoring.
|Type of Network Scan||Requirement|
|A network node scans its own subnet||• A device must be able to respond to the network node's ping.|
|A network node scans a user-specified additional subnet||• A device must be able to respond to the network node's ping.
• Additionally, a TCP connection can be established to any of the following ports:
22 - SSH
80 - HTTP Web Server
8080 - HTTP Web Server
443 - HTTPS Web Server
Windows devices must have their SNMP service configured properly in order to return SNMP information to a network node, particularly if the device in question is performing checks against itself (that is, if the Network Node field is set to Localhost on the Device Summary page).
You can configure the SNMP service to specify which devices you want to accept SNMP packets from.
- Go to Start > Run, and enter services.msc.
- Right-click SNMP in the list of services, and select Properties.
- On the Security tab, select one of these options:
- You can assign a network node to a single device on its Device Summary page. Refer to Edit device details.
- If you want to assign a network node to more than one device, click Sites and click on one of your Managed sites.
- Click Devices.
- Select the device(s) to which you want to assign a network node.
- Click the Network Node Settings icon from the action bar and select the Assign Network Node option.
- Click Sites and click on one of your Managed sites.
- Click Devices.
- Select the device that you want to designate as a network node.
- Click the Network Node Settings icon from the action bar and select the Network Node (with network scanning) option.
- Click OK on the pop-up window to proceed or click Cancel to stop the action. Once you click OK, the device is configured to act as a network node to carry out scanning of its local subnet and any additional subnets configured in Site Settings. Refer to Additional Subnets for Network Discovery.
You can nominate more than one device as a network node.
- Select your network node device again and click the Request device audit(s) icon in the Action bar to force an immediate scan of the network the device is part of.
- Click OK to confirm the audit or click Cancel to stop the action.
Allow 10-15 minutes for the audit results to come through.
During audit, the network node will attempt to authenticate network devices over SNMP. Network discovery works across subnets. A network node is able to scan its own subnet by default, however, additional subnets can also be added for network discovery in Site Settings. Refer to Additional Subnets for Network Discovery. The device discovery limits can be changed in Account Settings.
Network scan process:
- The network node will try to authenticate over SNMP v2c, using the community string "public".
- If it fails, it will check if any Site-level SNMP credentials are accepted. To store SNMP credentials at the Site level, refer to Site Settings.
- If it fails, it will check if any Account-level SNMP credentials are accepted. To store SNMP credentials at the Account level, refer to Account Settings.
- If it fails, the device type will be classified as "Unknown".
The table below discusses the process of how device records are created during network discovery.
|Type of Network Scan||Process|
|A network node scans its own subnet||1. Ping all hosts in subnet. (Up to Network Scan Limit.)
2. Create device records for hosts that respond to the ping and add MAC address (ARP lookup).
• Try to determine if it's a printer using SNMP.
• Try to determine if it's a Windows or non-Windows device.1
• Try to determine if it's an ESXi device.2
3. Add the following SNMP information to the device record: Private Enterprise Number, Uptime, Contact, Name, Location, Printer Supplies (if printer).
4. Add NETBIOS hostname to the device record.
|A network node scans a user-specified additional subnet||1. Ping all hosts in subnets obtained from Site Settings > Additional Subnets for Network Discovery. (Up to Network Scan Limit.)
2. Create device records for hosts that respond to the ping and where a TCP connection could be established to any of the following ports: 22, 80, 8080, 443.
• Try to determine if it's a Windows device.1
• Try to determine if it's an ESXi device.2
3. Add NETBIOS hostname to the device record.
SNMP scan is disabled for user-specified additional subnets.
1 A Windows device's default TTL (time-to-live) is 128; a non-Windows device's default TTL is 64 or 255.
If TTL is equal to or less than 64 OR equal to or more than 129, a non-Windows device record will be created.
If TTL is more than or equal to 65 AND less than or equal to 128, a Windows device record will be created.
2 ESXi devices need to listen on port 902 so that a network node device can list them as ESXi devices.
To avoid duplication in the discovered device records, the following de-duplication logic is applied:
- Check if a new device to be added to the discovered devices has a MAC address.
- If the new device does have a MAC address, check if there is another discovered or Managed device with the same MAC address in the entire account. If a match is found, reject the new device as a duplicate.
- If the new device does not have a MAC address, check if there is another discovered or Managed device with the same IP address in the same site. If a match is found, reject the new device as a duplicate.
When the MAC address is available, there can be multiple devices with the same IP address in the same site.
When the MAC address is not available, there can be multiple devices with the same IP address in the account, as long as the devices are in different sites.
If your network node or nodes have not been able to find any of your SNMP-enabled network devices or printers, network scanning of SNMP devices may have been disabled for your account. For further information, refer to Disable network scanning of SNMP devices.
To enroll the discovered devices as Managed devices, follow these steps:
- Navigate to the site in which you have nominated a network node device.
- Click the Audit tab and stay on the Network radio button.
You will see various device type groups that list all of the devices discovered by the site's network node(s). For more information on what is displayed on this page, refer to Network.
- Expand any of the device type groups and select any of the devices. You can select devices of different device types as well.
Deployments are limited to 100 devices per operation.
- On the next page, the following information will be displayed:
|Total Devices||For more information, refer to Network.|
|Group by Subnet|
|SNMP v1/v2 Public|
|Category||Displays the device type as discovered by the network node.|
|Deploy From||Select one of the network nodes that should manage the device. The drop-down lists all of the site's network nodes.|
|Device Type||Select a device type for the device. In some cases, the device type is automatically recognized. For more information on device types, refer to Edit device details.|
|Set Credentials||Depending on the device type, select a set of Agent Deployment Credentials / SNMP Credentials / ESXi Credentials.
Site credentials will be displayed in addition to the credentials specified in Account Settings unless this option is disabled in Site Settings. For further information refer to the Agent Deployment Credentials, SNMP Credentials, and ESXi Credentials sections in Account Settings and Site Settings.
- Click Confirm to confirm your selections or Back to return to the previous page. If you click Back, your selections will be cleared.
Devices will be added as Managed devices and each will use a Managed license. This should be considered when planning for licensing and Agent numbers.
- If you clicked Confirm in the previous step, the next page will display the devices you have just added as Managed devices to the site. Deployment to Windows and macOS devices typically takes a few minutes. SNMP and ESXi devices are added instantly, and you can expect audit information to appear after a few minutes.
In the Managed Devices section, click the name of the device displayed under the Deploy From column to check the Activity Log of the device for more details. Refer to Device activity.
There may be cases when you do not want the Agents to scan for SNMP-enabled network devices. It is possible to stop network scans, however, by doing so you will only be able to add network devices to your account manually. For information on how to add a network device manually, refer to Manage and monitor SNMP-enabled network devices and printers.
In order to disable network scanning:
- Click Setup > Account Settings.
- Scroll down to Custom Agent Settings.
- Select Use alternative settings for Agent.
- In the Network Subnet Limit field, set the value to 0 to disable network scanning for the entire account.
- Click Save.
You can enable / disable network scanning of SNMP devices for the entire account. It is not possible to do this only at the Site level.
Under heavy load, a network node may drop offline and become unable to manage and monitor network devices. Unfortunately, there is no one-size-fits-all solution to this problem because there are many variables to consider in each situation.
Therefore, our recommendation is to nominate a device as a network node, and then set up both a CPU and a Memory Monitor against it. Refer to Create a monitor.
You can then proceed to add devices and monitors to the network node. Keep an eye on the CPU and Memory Monitor metrics until the network node's resource utilization begins to breach limits. This can then be treated as a benchmark, and you can provision more network nodes in the same manner as necessary.
|Need to troubleshoot this? Open the Datto Knowledge Base.|
|Want to talk about it? Head on over to our Community Forum!|
|Forward this topic to others.|
|Provide feedback for the Documentation team.|