0 Replies Latest reply on Jun 6, 2009 8:19 AM by beersm

    IPAM Scanning with segmented network (firewalls, etc).


      First allow me to highlight that I'm a complete n00b to solarwinds . . . but the address management funtions look quite interesting . . .

      What I'd like to find out - and i cannot find any obvious whitepapers or faq's that cover this, is what is best practice for making use of IPAM in a highly segmented network with tight firewall rules in place.   ie: I have a multi-tiered network segmented into a significant number of DMZ's - and I want to do both (a) manage the IP address ranges and subnets within the network tiers (DMZ's) and (b) be able to monitor the usage of addresses within each network segment AND (most importantly) be able to view all that data from a single console / webpage.

      So I think I've figured out that I'd need to allow ICMP and SNMP across firewalls to do this the easy way but sometimes this will NOT be possible for me.

      First Question is: can I deploy mulitple scan points (say one per network zone) and have all report monitoring data to the same database (SQL 2005 as far as I can see) in such a way as to allow a single web console seemless access to all the data in one presentation view?  (ie: i'd allow IPAM scanner to SQL DB accross firewall).

      Second Question is: can I use a single web console to define and manage subnets, with various monitoring points somehow understanding what I mean?

      Yes, it is a largish network (10000+ addresses in the bit of it that I'm interested in), and likely 10 or so network zones that I will not be able to allow ICMP+SNMP traffic for.

      If anybody could point me to some information on this sort of thing it would be appreciated.  Bonus points if somebody could describe most optimal way to license it !

      Merci d'avance,

      - Steve.