AutoDiscovery

AlgoSec AutoDiscovery enables you to detect business service traffic from across your network and import them as business service flows into AppViz. AppViz organizes the business needs associated with specific traffic flows as business applications.

In this topic:

AutoDiscovery business service types

AutoDiscovery both collects user traffic logs from across your network, and maps the collected traffic to business services.

AutoDiscovery business services are organized into the following types:

Map-based business services	Map-based business services start with a server and port. Traffic data from AutoDiscovery sensors provides data for all URLs and clients communicating with the server.
Query-based business services	Query-based business services start with the query on a server, or a server and port. Queries discover the server's connection at a specific instance. These services are a snapshot of the service at the time it is created, and are not updated.

Back to top

Get started with AutoDiscovery

This procedure provides steps for setting up an AutoDiscovery system for the first time after installing the AutoDiscovery server and sensors.

Do the following:

1. Log in to AutoDiscovery. For details, see Log in to AutoDiscovery.

2. Define the AutoDiscovery sensors and subnets to manage the traffic detected by AutoDiscovery.

   For details, see Define sensors and subnets.

   Tip: Depending on your system configuration, you may want to install additional sensors instead of only using the default sensor installed with the AutoDiscovery server. If you install additional sensors, make sure to define them in AutoDiscovery before you continue.

   For more details, see Install AutoDiscovery sensors.

3. Verify that NetFlow traffic flows successfully to the AutoDiscovery server via the sensor you defined.

   Configure NetFlow traffic flow to your sensor

   Configure your NetFlow export device, such as VmWare or Cisco Nexux, to send NetFlow packets to the AutoDiscovery sensor IP address, on port 2055.

   The following table lists the data that must be, or is recommended to be, included by the exporter in the NetFlow packets:

   Required	Source VLAN NetFlow Version IPv4 Protocol IPv4 Source address IPv4 Destination address Source port Destination port
   Recommended	Counter bytes Counter packets TCP flags

4. Create an AutoDiscovery business service to collect your traffic.

   For details, see:

   • Discover map-based services
   • Discover query-based services

5. Switch to AppViz. Connect your AutoDiscovery server to AppViz and start importing your application flows into AppViz. For more details, see:

   • Discovery settings
   • Discover applications

For more details, see:

• Manage business services
• Export AutoDiscovery data
• Configure AutoDiscovery
• Troubleshoot AutoDiscovery

Back to top

Log in to AutoDiscovery

This procedure describes how to log in to AutoDiscovery.

Do the following:

1. Navigate to https://[AutoDiscoveryServerIP]:9443.

   A login page appears, similar to the ASMS login page.

2. Log in with your AutoDiscovery username and password.

   Note: AutoDiscovery credentials may be different than your ASMS credentials.

   The default credentials are administrator / admin.

   The Welcome to AlgoSecAutoDiscovery page appears.

3. Click the AlgoSecAutoDiscovery Web Console link.

   First time logging in to AutoDiscovery

   The first time that you log in to AutoDiscovery, you are prompted to connect to an AFA server, with the afa user pre-defined. For example:

   

   Enter the following details, and click Login.

   AlgoSec Firewall Analyzer host	The hostname or IP address of your AFA server.
   Linux password	Enter afa, which is the Linux password used to connect AutoDiscovery to AFA.

   You are logged in and the Activity Dashboard appears. For example:

   

Back to top