Creating Network Diagram
The New Network Diagram Creation Wizard will help you create network diagrams and automatically draw connection lines that imitate network cables on the diagram. To run the Wizard, please select the "File - Create Network Diagram..." main menu item.
The Wizard uses two methods for searching network devices:
1) Scanning IP range
This method allows you to spot the maximum number of devices. It features the following advantages :
- High scanning speed (up to 16 addresses/sec.*)
- Recognition of diverse hardware types: printers (local and network), switches, hubs, servers, database servers, routers, WiFi access points, etc.
- Combination of several efficient network hardware search methods (ICMP ping, scanning a series of TCP ports, ARP requests).
- Retrieving data from hardware via SNMP (switches, printers, WiFi, etc.)
- Automatically building a network diagram by drafting over data received from switches .
- Automatic retrieving of additional information on found hosts (IP and MAC addresses, NIC manufacturer, DNS name, OS type, connected printers, descriptions.)
- Scanning several IP ranges at once.
- When found devices are placed on the diagram, they are automatically scheduled for specific automatic checks.
2) Importing from Network Neighborhood
This method works somewhat faster than the other one; however, not all devices are guaranteed to be found. Moreover, using this method the program will not be able to draw the network topology automatically. Still, it will automatically place found computers in groups, depending on which workgroups and domain names the computers belong to.
3) Tracing routes
This method allows you to build a connectivity diagram for the Internet hosts. The scanning method is based on the route tracing.
Importing from Network Neighborhood does not involve any difficulties, just follow the Wizard recommendations.
On the first step (Fig. 1) we set the IP range to be scanned. In the fields Starting IP address and Ending IP address enter the range of IP addresses to be scanned. To automatically detect the range of IP addresses applicable to your network, select the current network interface card. Once the address fields are filled in, click on the Add -> button, and the selected range will be added to the list of IP ranges to be scanned. To Delete a range from the list, simply click on the corresponding button. Tick off the IP ranges on the list that are to be scanned.
The wizard allows you to choose from three different methods for searching for devices on a network:
- ICMP ping
The Packets parameter defines the number of ICMP packets to be sent by the application to each address to be scanned. In heavy-load networks, sending just one packet may be insufficient to receive a response from an existing host. In this case, it's recommended that you set at least 3-4 packets.
- Scanning TCP ports
Scanning TCP ports requires a list of Ports, by which devices could be found on a network. The most widespread open ports in Microsoft networks are 139 (NetBIOS), 21 (FTP), and 80 (HTTP).
IMPORTANT! When selecting a port scanning method, please keep in mind that in the majority of cases firewalls may consider your actions an attack, and that may cause the respective consequences.
System TCP Port Scanning Limitation: Microsoft introduces a limit (of 10) to restrict number of allowed simultaneous outgoing half-open TCP connections in Windows XP SP2(x86,x64)/SP3, 2003 Server SP1(x86)/SP2(x86,x64), Vista without SP(x86,x64) and with SP1(x86,x64) to prevent virus or malicious program to make unlimited infectious connections to other systems. Thus, when you scan more than 10 TCP ports on remote hosts simultaneously per 10 seconds, the system will slow down the program on the driver level. You can even think that the program hangs. If your Windows is affected by this limitation, please use longer timeouts on the Scanning Wizard window so no more than 10 hosts will be scanned per 10 seconds. Learn more about this issue...
- ARP ping (IP->MAC)
ARP requests are attempts to resolve the host's MAC address by its IP address. If a MAC address cannot be resolved, the Wizard will add the host to the list of search results. There is a chance that the program can find non-existing hosts. The address table in a switch can keep old or reserved data. In such an example, clear the checkboxes next to them in the results window or delete them from the diagram.
For all scanning methods you must set the Response timeout, which defines how long the wizard will wait for a response from the host being scanned.
The perfect choice of search parameters depends on your network configuration, availability and functioning of the necessary protocols. In particular, to detect hosts in a local area network with bandwidth of 100 Mbps and higher, Two ping packets and a 100-500 ms response will be sufficient. In the case with TCP ports, it is worth noting that the greater number of ports you specify on the list, the longer the application will search for hosts in the network. The best way to go around this is to set the 2-3 most common ports through which the application can find Windows stations and servers; those include 139, 21 and 80th (NetBIOS, FTP, HTTP).
Searching for network printers is a different story. This procedure takes quite a bit of time, and therefore it should not be run if you are sure that there are no such printers in your network. Otherwise, you would have to wait for the completion of that procedure. The completion will be indicated by the appearance of the network scanning progress bar in the network scanning wizard window. The reason why the procedure is so slow is because it searches for network printers before launching the primary scanning procedure (which is performed with a large number of threads running simultaneously, unlike with searching for printers).
The program also detects network devices using the UPnP (Universal Plug and Play) protocol. This helps detecting routers, wireless devices, media players, and other UPnP devices.
The wizard can automatically find all servers, database servers in your network, obtain other useful information on found computers (OS type, comment, etc.) To enable retrieving that additional information, select the option Get additional data on hosts via NetBIOS. This function will work only if the NetBIOS protocol is allowed on your computer and in other computers in your network. If the NetBIOS protocol is disabled in your network, no such information can be retrieved, and the application will spend quite a bit of time on that attempt (hence the feeling that the application is “frozen”). Searching for network switches is done in the multithreaded mode. However, if you specify a large number of possible community string values, that will also slow down the scanning process. Hence, if you have set the scanning parameters, and the application is scanning too slow or, even worse, completely "frozen" – go ahead and disable some of those parameters (first, disable network printer search and then disable obtaining additional information through NetBIOS) and try launching the scanning procedure again.
If you have devices with an active SNMP agent on your network, the wizard will display the description for those devices. Such active SNMP agents help the wizard to detect a more diverse range of hardware types. Thus, for example, from the information obtained via SNMP, the wizard can identify switches, hubs, routers, printers, WiFi access points, wireless routers, etc. Besides, using such data received from switches, the wizard can automatically draw the connections diagram for devices in the network by laying the defined lines on the diagram. When searching for hardware with an active SNMP agent, the wizard attempts to connect to the next address using the defined community names (Community). Those names can be listed in the Community strings field, separated with commas. The most commonly used community names set by default are public, private, rmon. If you are positive your hardware has other names, please define them in the list.
The program supports the SNMP v3 protocol. It is the secure version of SNMP. You need to provide username and password (with the # symbol) instead of community strings.
The program is able to scan VLANs on CISCO switches. To do this, specify all VLAN numbers with your community strings using the @ sign in the Community strings field. For example, public@1, public@2, public@100 (this will poll VLANs 1, 2, and 100). The program will poll all the listed VLANs and get MAC addresses from them.
Warning! This function only works on Cisco switches.
If you already know IP addresses of your switches and their SNMP community strings, select the Retrieve connection tables from switches option and specify IP addresses of the switches with the strings. This will increase the chances of successfully drawing a network diagram with links between switches and hosts. If this option is turned off, the program will try to detect switches automatically during the scan (if the Search SNMP devices option is checked).
After all the parameters have been set, the Wizard will continue the actual scanning of the network. To move on to the scanning step, click on the Next >> button.
The scanning process starts immediately. First, the application attempts to detect networked and local printers. This procedure may take long time. During the process, the application may fail to respond to requests, and the Stop button will be unavailable. Next, the scanner will search for devices through NetBIOS, what also may take some time. After the completion of the two preparation procedures, the application starts the actual search through all IP addresses within the ranges originally defined. The progress of the process will be indicated by the progress indicator and the "Scanning IP range..." status in the bottom-left corner of the Wizard.
The process can be stopped by clicking on the Stop button.
Hosts found during the scanning will be added to the results list. There is a way to change the type of the device found from the results window. For that purpose, select the required record (multiple selection is allowed) and then open the context menu. On that menu, select the device type to be set.
You can have the program place only selected devices on the diagram by ticking those devices on the list. The buttons Select All, Selected, and Invert Selection will help you with the selection of multiple devices.
Click the Report button to export all scanned information (with the scanning settings and parameters) to a .CSV file.
This report can help the program's developers to assist you if you stumble over any problem when creating a network diagram. Just send the report with your questions to us.
Once the scanning process is complete, move on to the final step by clicking on the Next >> button.
On the final step (Fig. 4), the wizard will prompt you to enter a name for the file to save the new diagram to. Before placing found devices on the diagram, you can set these advanced parameters:
Cut DNS suffix for getting host name when placing device on diagram. The wizard attempts to use devices' specific DNS names as labels for the icons. Such names often have the so-called suffix; e.g., mary.dep1.orgname.com. When this option is selected, the label by the icon will appear as mary.
You can specify, what the wizard is to Use as host address: device's IP address or its DNS name. For networks with the dynamic IP address allocation, select DNS name, for this attribute in this case will remain constant. For networks with static IP addresses you can select using the device's IP address as the name.
To add local printers on diagram, select the corresponding option. However, keep in mind that not all printers found by the wizard are the actual devices. Also, the same local printer can have several names, which the wizard interprets as several different printers. Once the diagram is generated, you will need to make the adjustment by deleting the redundant local printer icons.
When you click Finish, the wizard will draw the new diagram, add found devices on it, when possible – draw the connection lines, and assign object-specific checks. Then the diagram will be automatically saved to the specified file and will be available for the further use. Whenever it is necessary, you can improve the diagram manually and then save the changes to file.
On the first step, you need to add IP or DNS addresses to the list to be scanned via the "trace route" procedure.
The list of addresses can be imported from a text file (the Load from file... button) or you should enter addresses manually one by one. Configure the Response timeout parameter (for the Internet, it is recommended to configure the 2000 ms timeout or more) and the Hops limit. The hops limit defines the maximum number of hosts allowed for one route. The default value is 30.
On the second step, the program runs the scanning process.
You can watch the scanning progress in the tracing window. The program receives host names and their response times on each route. The scanning procedure can take quite a lot of time which depends on amount of hosts in the list and configured parameters.
When the scanning is complete, the program will combine all the routes traced, build a host routing diagram, and show it to you.
Please note, you can use Google Maps images as a background for your routing diagrams. Learn more about configuring background images...