Install AutoDiscovery

AutoDiscovery is an additional ASMS component, layered over AppViz, which enables you to discover business service flows directly from your network and import them into AppViz.

AutoDiscovery is managed, licensed, and installed separately from ASMS. To use AutoDiscovery, ensure that your ASMS license includes support for AutoDiscovery. For more details, see ASMS licensing and AutoDiscovery.

AutoDiscovery server architecture

The following image shows how to the AutoDiscovery sensor captures network traffic between computers across the network and sends traffic data to the AutoDiscovery server.

  • The AutoDiscovery sensor collects traffic from your network, including statistical data using NetFlow/SFlow methods, simulated/mirrored packets, or direct traffic. For more details, see Traffic collection options.
  • The AutoDiscovery server creates business service maps, hosts the AutoDiscovery web client, and communicates with ASMS.

Note: Each AutoDiscovery installation provides a server and a single sensor, which usually supports statistical data collection or simulated/mirrored packet collection.

To collect traffic directly, you may need to deploy additional sensors throughout your network. For more details, see Install AutoDiscovery sensors.

Back to top

Deploy the AutoDiscovery server

The AutoDiscovery server is available as a CentOS-based virtual appliance in OVF format. This procedure describes how a system administrator can deploy a AutoDiscovery server.

The server installation provides an Apache Tomcat server, a PostgreSQL database, and a single sensor.

Do the following:

  1. Verify that your AutoDiscovery machine complies with the system requirements. For details, see AutoDiscovery system requirements.

    Note: Your AutoDiscovery machine is a separate machine from your main ASMS or AFA machine, and has different specifications and requirements.

  2. On the AlgoSec portal, navigate to DownloadsSoftware > AlgoSecAutoDiscovery.
  3. Do one of the following:

    Each server installation or upgrade comes with a local sensor.

  4. After completing the installation, configure traffic collection from your network. For example, do the following:

    1. Configure NetFlow collection in VMware VSphere.
    2. Direct the NetFlow output to the AutoDiscovery server, which has a local sensor installed.

    Tip: You may have other traffic collection methods planned, using additionally installed sensors. For more details, see Traffic collection options and Install AutoDiscovery sensors.

Back to top

AutoDiscovery system requirements

The AutoDiscovery default and recommended installation provides both an AutoDiscovery server and sensor.

The AutoDiscovery server must be deployed to a Linux VMWare server with the following specifications:

VMWare version

AutoDiscovery can be deployed on virtual machines that use VMWare ESX versions 5.5 and higher.

Minimum hardware requirements

Minimum hardware requirements for the AutoDiscovery server include:

  • Dual CPU / Dual core CPU
  • 4GB RAM for the server
  • 1GB RAM for the sensor
  • 10GB free disk space for the server
  • 16MB free disk space for the sensor, when using thick provisioning during the VM deployment

Note: These specifications are appropriate for PoC installations and environments with low traffic levels only.

Recommended hardware requirements

Recommended hardware requirements for the AutoDiscovery server include:

  • 4-8 CPUs or cores
  • 8GB RAM
  • 30GB free disk space

Note: These specifications are appropriate for production environments with a rate of up to 2000 transactions per minute.

Networking requirements
  • Connect the virtual appliance to a port group configured with Promiscuous mode.
  • For more details about required ports, see AutoDiscovery required ports.
  • If you are deploying additional sensors, system requirements for the sensor installations may depend on the traffic collection method. For more details, see Traffic collection options and Install AutoDiscovery sensors.

    Tip: If you have issues decoding HTTP(s) because the certificate is unavailable, we also recommend using the sensor installed together with the AutoDiscovery server instead of installation additional sensors.

    Back to top

    AutoDiscovery required ports

    The following image shows the traffic between the AutoDiscovery components.

    Traffic between AutoDiscovery components uses the following ports:

    • TCP/9545. From the AutoDiscovery to each sensor configured.
    • TCP/9543. From AppViz on the ASMS machine to the AutoDiscovery server.
    • TCP/9443. From the AutoDiscovery web client component to the AutoDiscovery server.

    Back to top

    Traffic collection options

    AutoDiscovery can collect traffic using statistical capture with NetFlow/SFlow methods or full capture.

    Tip: You can also configure AutoDiscovery to use multiple methods, with or without direct collection, to create the collection methods that work best for each part of your network.

    We recommend using statistical capture with NetFlow/SFlow methods for high traffic systems. System requirements for the AutoDiscovery sensor may differ depending on the traffic collection options you configure.

    Statistical capture

    Statistical capture is quicker as it passes a summary of the traffic instead of the full content.

    Additionally, statistical capture usually does not need additional sensor installations other than the default sensor installed with your AutoDiscovery server.

    Note: AutoDiscovery supports NetFlow/SFlow using the VSphere Enterprise Plus edition.

    For more details, see NetFlow system configuration requirements.

    Full capture

    Full capture collects more details about your traffic, and may require additional sensor installations.

    For more details, see Install AutoDiscovery sensors.

    For more details, see Statistical vs. Full Capture.

    Note: Regardless of your configuration, configure a physical router or switch, or a Virtual Distributed Switch, to direct traffic to your sensor. For more details, see the documentation for your router or ESX or NetFlow/SFlow packet broker.

    Back to top