Choosing A Method Of Dependency Discovery - VMware VCENTER APPLICATION DISCOVERY MANAGER 6.1.1 User Manual

Table 5-2. Dependency Discovering Methodology (Continued)
What
Discover the open ports that the services
running on the interrogated host are using
to listen for incoming connections ("service
endpoints").
Guess the top‐level protocol used by those
connections.

Choosing a Method of Dependency Discovery

Table 5‐3 outlines the differences in the information that are discovered through either Passive Discovery (PD)
or Detail Discovery (DD) to help you determine which type to use in your environment.
Table 5-3. Comparison of Passive and Detail Discovery Information
Difference
Detailed discovered dependencies do not include activity, whereas passively discovered
dependencies do.
Protocol identification is by far more accurate with Passive Discovery. This of course, results
from Passive Discoveryʹs specialization in protocol analysis.
Passive Discovery is weak in discovering the source of a connection for reasons explained in
"ADM Dependency Discovery Methods" on page 46.
Passive Discovery cannot discover the ports on which a service is listening unless a client
sent a packet to it.
Detail Discovery discovers connections that are active at the time of discovery, whereas
Passive Discovery samples all communication traffic on the network. This means that
ephemeral connections have less of a chance to be discovered through Detail Discovery.
Note: However the connections that are active and representing an interaction with a live
business application are not likely to be ephemeral.
Only Detail Discovery discovers documented dependencies that are dependencies discovered
by looking at the configuration of service, such as in the files and registry.
Note the following when you are using Passive or Detail Discovery for discovering dependencies:

If the same connection is discovered through both Passive and Detail Discovery, the connection is
reconciled to appear as a single connection; for example, if Passive Discovery discovers the protocol,
activity and the server‐side service, and Detail Discovery discovers the client‐side service, the two
discoveries would be reconciled to include all the information collected by both discovery types, without
redundancy.

The process of reconciling hosts might take some time.

ADM uses the same Passive Discovery scope IP filters to filter remote hosts (hosts connected to the
interrogated host) discovered during Detail Discovery. This feature avoids the problem of Detail
Discovery overriding the IP ranges that were excluded as part of the Passive Discovery scope.

By default, Detail Discovery policies do not discover network dependencies due to issues surrounding
performance. The discovery of network dependencies substantially increases the amount of time it takes
to reconcile the discovered results, and since the default deployment of ADM includes Passive Discovery,
this default configuration still provides a full view of the network, including network dependencies.

vCollector support Passive Discovery only.
VMware, Inc.
How
Both netstat and SNMP tables expose listening ports that is used to create
a service endpoint with that port. An example of this is discovering that
an Apache service is listening on ports 80 and 8080, even if no active
connection exists at the time of the discovery.
To avoid false positives, it is done only on low ports: <512.
Chapter 5 Discovery
Advantage
PD DD






47