Configuring WatchGuard's Network Discovery

Brandon Wright here to show you one of the latest features available from WatchGuard, Network Discovery! This handy little feature allows you to scan your network for devices and gather details about them. Some of the information you can find is the device type, OS version, MAC address, and when they were last seen. You can even see what device groups they would fall under, so it can be very powerful not just in keeping you aware of your network, but also in policy management and construction.

So, let’s dive right in.

Currently the Network Discovery feature is only accessible through the Web UI. Open up your favorite web browser and head to https://<IP of firewall>:8080. You will want to make sure to use an account with read/write access to the firewall during the initial setup. After words, you can log in as a read only account to view results.

The settings for Network Discovery will be found under “Subscription Services” and then “Network Discovery”.

To enable, just check the checkbox at the top, which will allow you to configure the interfaces, and enable a schedule.

I am going to select my internal network here, and choose to enable a schedule. I’ll keep the defaults for now to run daily at midnight. Once we hit save at the bottom, or initial settings are completed!

Since we don’t want to wait until midnight to see our results, we can select the box on top of this page to scan now. You are given the options to scan as the schedule is set, or choose specific networks or interfaces. Since we just configured the schedule to contain all interfaces, I’ll just go with that to see how our results will look.

You will then have a progress bar showing the status. Clicking show details will give you some additional information.

Once it has completed, you will be able to see when the last scan was performed, and how long it took. To view the results, we will go under “Dashboard” and choose “Network Discovery”.

You will see your network map, which begins by breaking down the individual networks. You can then further drill down into each device on it. You can also select device list, to see the entire list of devices found. Selecting a name will give you the details of the device, one option of which will allow you to see any ports detected during the scan.

At the top, you even can click the links to automatically view traffic monitor filtered by the device IP address.

So Network Discovery can be a really useful tool for monitoring your network. I hope you have enjoyed this little demonstration. We will see you next time!