Disconnected scan configuration

Edit online

9.2.5 Available from 9.2.5.

Disconnected scans allow for discovering software and hardware inventory on computers that do not have connection to the BigFix® server. Scripts that are provided in the disconnected scanner package initiate software and capacity scans, and create a package with scan results that you later upload to License Metric Tool.

Restriction

If you use disconnected scans for IBM Virtualization Capacity, also referred to as subcapacity licensing, you must comply with the following rules.
  • You must obtain the approval from IBM Compliance to use disconnected scans. To request an approval, contact your Sales Representative who will instruct you on how to contact IBM Compliance. Approval of IBM Compliance is not required if you manage disconnected scanners with Red Hat Ansible by using playbooks that are delivered with License Metric Tool. For more information, see: Managing disconnected scans with Ansible.
  • Disconnected scans can be used when the BigFix client cannot be installed due to technical, legal, business, or security reasons, or other valid justification. An exception is IBM iSeries. Because the BigFix client is not available on IBM i, disconnected scans are the only method of software and hardware discovery on IBM i systems, and approval from IBM Compliance is not required.
  • Disconnected scanner for IBM Virtual Capacity can be deployed only on supported and eligible operating systems.
Disconnected scans should be used with caution, especially when you use License Metric Tool for subcapacity reporting. They require much more user control and manual maintenance, including scanner and catalog updates, periodic transfer of data, and manual health checks to assure report correctness. The maintenance is customer responsibility because it is not automated as in case of the BigFix client.

Disconnected scanner architecture

You can install the disconnected scanner on computers on which the BigFix client cannot be installed. The scanner runs software and capacity scans, and creates a results package. You transfer this package from the scanned computers to a disconnected data source which is a dedicated directory that you create on the computer where the License Metric Tool server is installed. You can transfer the results packages manually, or you can create automation scripts that are based on a technology of your choice. Data from the disconnected data source is uploaded to License Metric Tool during the import.

Apart from the disconnected scanner, you can also install a VM Manager Tool in disconnected mode to collect data from VM managers. Disconnected scanner packs this data together with results of software and capacity scans to a single results package. Thus, VM Manager Tool in disconnected mode must be installed on a computer on which the disconnected scanner is also installed.

Disconnected scanner architecture

Disconnected scanner package

To install the disconnected scanner, distribute a disconnected scanner package to the computers in your infrastructure. The package consists of the following items.
  • Scanner
  • Configuration files
  • Scripts that run the scans and create a package with scan results. The scripts initiate software and capacity scans, gather scan results, and adjust them to the format that is compatible with License Metric Tool. If the scripts are not appropriate for your environment, you can edit and customize them, or create new scripts that better fit your needs.

Scalability

You can collect data from up to 25,000 disconnected computers on condition that the computer where the License Metric Tool server is installed meets hardware requirements for very large environments. For more information about the requirements, see the following links.
Additionally, to ensure good performance of importing scan results, set up disconnected scans according to the following recommendations.
  • Run the software scan weekly.
  • Distribute the import of results packages over the week so that a subset of packages is imported every day. For example, import 5,000 packages every day from Monday to Friday.
  • Set up automatic removal of packages with scan results from the disconnected data source after the results are successfully imported to License Metric Tool. To automatically remove the packages, go to Management > Advanced Server Settings, and set the delete_successfully_imported_scans parameter to true.
  • Configure the transaction logs size and increase the Java heap size. For more information, see: Tuning performance in medium and large environments.
  • Linux Change the ulimit -n value to 4096.

Scan frequency

For information about default and minimal scan frequency as well as recommended frequency of importing scan results, see: Frequency of scans and uploads of data.

Multiple environments

When you have multiple environments, for example test and production, ensure that the following requirements are met.
  • Every computer reports in only one of the environments.
  • Packages with results of disconnected scans from one environment are not uploaded to License Metric Tool that monitors the other environment.

Limitations

  • The disconnected scanner cannot be used to collect software and hardware inventory data from the following hypervisors:
    • KVM
    • PowerKVM
    • Xen, Citrix XenServer, Citrix Hypervisor
    It can be used only to collected data from VMs that run on these hypervisors. To collect data from the hypervisors, use the BigFix client. For more information, see: Collecting capacity data from virtualization hosts for Xen and KVM (BigFix scenario).
  • Optimized mode of scanning remote shared file systems is not supported.
  • Information that is provided in the Operating System column might be slightly different for the computers that are scanned by the disconnected scan, and the computers that are scanned by a regular scan.