Best Practices for Configuring Nectus Network Discovery in Enterprise Networks

Nectus Network Discovery: Complete Guide to Automated Topology Mapping

Overview

Nectus Network Discovery is an automated discovery and visualization module that finds devices, maps physical and logical connections, and generates up‑to‑date L2/L3 topology diagrams for enterprise networks. It combines ICMP/SNMP-based scans, CDP/LLDP/ARP/MAC table analysis and routing data to build accurate device inventories and interconnection maps.

Key capabilities

• Automatic discovery: ICMP seed scans + SNMP v2/v3 queries to identify devices, interfaces, hostnames, IPs, routing and MAC forwarding tables.
• Topology mapping: Builds L2 and L3 diagrams using CDP/LLDP and routing/MAC data; can generate site-level topologies in seconds.
• Device classification: Large MIB/OID repository for vendor/model identification and device-category classification.
• Continuous updates: Scheduled (nightly) discovery keeps diagrams synchronized with network changes; incremental discovery expands from seeds.
• Real‑time overlays: Show interface up/down, utilization, alerts and color/audio notifications directly on topology maps.
• Site management: Assign devices to hierarchical sites and generate per‑site topologies.
• Discovery controls: Exclude subnets/devices, select management interfaces, and prevent discovery of specified ranges.
• Supported protocols/ciphers: SNMP v2c and v3 (DES, 3DES, AES128/192/256).
• Rogue device detection: Identifies unknown or misconfigured SNMP devices and supports manual classification submission.

How discovery works (practical flow)

1. Define up to initial seed subnets or a single seed IP.
2. Run ICMP scan to find live hosts.
3. Query live hosts via SNMP for sysObjectID and gather interfaces, IPs, routing and MAC tables.
4. Read CDP/LLDP to find neighbor devices and expand discovery beyond seeds.
5. Store device, interface and connection data in the Nectus database and render L2/L3 topology diagrams.
6. Schedule recurring discovery to update inventory and topology automatically.

Deployment and tuning tips

• Seed selection: For large environments use broad seeds carefully (e.g., avoid /8 scans on networks that generate many ICMP unreachable responses). Prefer a representative seed IP or targeted subnets.
• SNMP credentials: Provide correct read‑only SNMP v2/v3 credentials during setup; include multiple community strings or v3 credentials if needed.
• Exclude noisy ranges: Configure excluded subnets to reduce unnecessary scanning and router CPU load.
• CDP/LLDP: Enable CDP or LLDP on devices where possible for near‑complete topology mapping.
• Discovery schedule: Use nightly full discovery with more frequent incremental scans for critical sites.
• Device classification: Submit unknown devices for classification to improve future automated identification.

Benefits

• Rapid, low‑effort creation of accurate network diagrams.
• Up‑to‑date device inventory for troubleshooting, capacity planning and audits.
• Visual, real‑time context for alerts and performance metrics.
• Reduced manual diagram maintenance and faster incident response.

Limitations & considerations

• Discovery accuracy depends on SNMP access and CDP/LLDP availability.
• ICMP scanning at large scale can generate significant traffic and trigger router CPU load or security alerts—tune seed ranges.
• Some vendors/devices may require custom MIB handling for full detail; manual classification may be needed.

Quick start (1‑minute checklist)

• Provide one seed IP or a few subnets.
• Add read‑only SNMP v2/v3 credentials.
• Enable CDP/LLDP where possible.
• Run discovery and generate site L2 topology.
• Review excluded ranges and adjust schedule/credentials.

If you want, I can create a step‑by‑step runbook for your network size (small/medium/large) or a checklist of SNMP/MIB settings to optimize discovery.