Discovery scopes
You can use a discovery scope to identify the devices, computer systems, and other components in your infrastructure that you want the server to access. You must configure at least one scope before running a discovery.
You can specify the discovery scope sets using IP addresses, ranges of IP addresses, or subnets to define the boundary of the networks that can be accessed during discovery. A scope can be as small as a single IP address, or as large as a range of IP addresses or a class C network. To scan subnet ranges greater than a class C network, see Loading a discovery scope from a file for more information. You can also exclude specific devices from the scope.
When there is a firewall between the server and the systems that you want discovered in another
area of your network, configure the firewall to allow access on the SSH port (port 22) and then set
up an anchor. See Anchors and gateways for more information. The following
table lists and describes the information that is displayed for a discovery scope sets in the
Scope pane, in the Scope Sets tab:
| Discovery scope information | Description |
|---|---|
| Method | Specifies whether to include or exclude the IP address, IP address range, or subnet. |
| Type | The type of address specified, from among the following options:
|
| Value | The actual IP address, IP address range, or subnet. |
| Description | A user-supplied description or host name of the discovery scope. |
Note: A scope, or a scope group, is not an identifier, but a collection of individual IP
addresses. Therefore, if you restrict configuration, for example Access Entry, or Discovery Profile,
to a scope, or a scope group, it applies to all IP addresses included in that scope, or scope group.
It also means that when a given IP address is included in many scopes or scope groups, and you
restrict configuration for only one of them, the restriction for the given IP always applies, no
matter which scope, or scope group, is used for discovery.