The present invention generally relates to IT optimization. More particularly, the present invention relates to server device discovery.
Today enterprises are increasingly forced to optimize their IT environments mostly due to power supply, floor space, or cooling capacity problems. Enterprises already have complex and large IT environments usually consisting of many small, medium, and large datacenters. Therefore, any large-scale IT optimization task (i.e., a process for assessing IT infrastructures and platforms across IT capabilities to achieve more dynamic and efficient IT environment) requires information about a current situation: existing datacenters, servers devices running the datacenters, roles of server devices, and details about software components and middleware stacks installed on the server devices. Traditionally, such information is only available as manually maintained spreadsheets that are not accurate. Furthermore, current automated server discovery tools (e.g., a freeware Nmap (Network Mapper)) either do not discover server devices located behind firewalls and server devices that are idle or require long periods of constant network monitoring or both. Fyodor, “The art of port scanning”, published in Phrack Magazine, volume 7, Issue 51, on Sep. 1, 1997, wholly incorporated by reference as if fully set forth herein, describes the Nmap in detail. As a result it is not uncommon at server discovery stage to miss one or more datacenters because users performing the discovery did not know that those datacenters exist.
Enterprise IT discovery process is a multi-step process that usually starts with server device and network discovery, is followed by basic middleware and general software discovery, detailed software configuration discovery, and finally business-level roles of servers, software, and data discovery.
Current automated server discovery tools either rely on sending out probing requests and detecting server existence based on replies or they rely on observing network traffic. Unfortunately, sending out probing requests limits a scope of discovery: packets sent outside of current sub-network commonly trigger intrusion detection systems and also usually cannot reach sub-networks behind firewalls. Observing existing network connections over a period of time discovers server devices that are on the same or other networks as long as there are live communications between them. Unfortunately, such discovery requires network connection monitoring over a long period of time: many server devices such as database server devices replicate their data once a week or even once a month and otherwise do not communicate at all. Realistically, it is rarely possible to wait for several months to perform just a server discovery. Furthermore, some servers such as web servers servicing static contents or application servers that process external information do not communicate with any other servers at all if configured for taking over primary servers in case of disasters affecting the primary servers. Similarly, many running servers in an enterprise are idle simply because nobody uses and needs them anymore.