Monday, September 2, 2019

Gold standard open source host discovery?

Hey all, I'm looking for a solid host discovery tool. I know and have used a lot of the standalone tools out there but I need something a bit specific. Not only should it do on-demand/scheduled scans but I need something real-time. For instance, Forescout eyeSight receives a copy of client segment DHCP traffic (via ip-helper). This triggers an automatic response of WMI/nmap/switch SNMP data discovery right when a host comes online. With retention and alerting of this data it could be a workable tool for my SOC. I'm tackling BYOD but real NAC is a looong term project. Ideally my SOC will use this tool to track down and take action on unmanaged hosts. My heart would sing if LibreNMS or had integration support for something like this...or maybe I feed it to Splunk. Thanks for reading and for any inspiration.
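The DHCP-triggered discovery described in the post, as an added example that is not part of the original post: it parses a relayed DHCP payload for the client MAC, relay address (giaddr, set by the ip-helper) and hostname, then decides whether follow-up discovery should fire. The function names, the inventory set and the sample packet are constructed assumptions.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"            # DHCP magic cookie (RFC 2131)
CLIENT_TYPES = {1: "DISCOVER", 3: "REQUEST"}

def parse_dhcp(payload):
    """Return client details from a BOOTP/DHCP payload, or None if unusable."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        return None
    if payload[0] != 1 or payload[1] != 1 or payload[2] != 6:
        return None                    # only BOOTREQUEST from Ethernet clients
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:    # 255 = end option
        if payload[i] == 0:            # pad option carries no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            return None
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:       # truncated option: drop the packet
            return None
        opts[payload[i]] = value
        i += 2 + length
    mtype = opts.get(53, b"")          # option 53 = DHCP message type
    if len(mtype) != 1 or mtype[0] not in CLIENT_TYPES:
        return None
    return {
        "type": CLIENT_TYPES[mtype[0]],
        "mac": payload[28:34].hex(":"),
        "relay": ".".join(str(b) for b in payload[24:28]),   # giaddr
        "hostname": opts.get(12, b"").decode("ascii", "replace"),
        "vendor": opts.get(60, b"").decode("ascii", "replace"),
    }

def needs_discovery(event, managed_macs):
    """True when a host missing from the managed inventory comes online."""
    return event is not None and event["mac"] not in managed_macs

def build_sample(mac, giaddr, hostname, mtype=1):
    """Constructed test packet standing in for a relayed DHCP copy."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 1, 1, 6, 1, 0x1234, 0, 0,
                      b"", b"", b"", giaddr, mac, b"", b"")
    opts = bytes([53, 1, mtype, 12, len(hostname)]) + hostname + b"\xff"
    return hdr + MAGIC + opts

MANAGED = {"00:11:22:33:44:55"}        # constructed inventory of managed MACs
SAMPLE = build_sample(bytes.fromhex("02aabbccddee"), bytes([10, 20, 30, 1]), b"byod-phone")
```

A listener on UDP 67 at the address the ip-helper points to would pass each datagram to `parse_dhcp` and hand unmanaged hits to the scan or alerting pipeline.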


