CANUNCLASSIFIED RemoteCollectionofNetworkInformation (ReCoN) ScottMilne ScottMilneConsultingInc. Preparedby: ScottMilne ScottMilneConsultingInc. 280AlbertStreet,Suite1000(10thFLOOR) Ottawa,Ontario K1P5G8 TaskID:0007 Version:1.0.2 PSPCContractNumber:W7714-176208/001/IPS TechnicalAuthority:JonathanRisto,ResearchEngineer Contractor'sdateofpublication:January2020 ThebodyofthisCANUNCLASSIFIEDdocumentdoesnotcontaintherequiredsecuritybannersaccordingtoDNDsecurity standards.However,itmustbetreatedasCANUNCLASSIFIEDandprotectedappropriatelybasedonthetermsandconditions specifiedonthecoveringpage. DefenceResearchandDevelopmentCanada ContractReport DRDC-RDDC-2020-C076 May2020 CANUNCLASSIFIED CANUNCLASSIFIED IMPORTANTINFORMATIVESTATEMENTS ThisdocumentwasreviewedforControlledGoodsbyDefenceResearchandDevelopmentCanadausingtheScheduletothe DefenceProductionAct. Disclaimer:ThisdocumentisnotpublishedbytheEditorialOfficeofDefenceResearchandDevelopmentCanada,anagencyofthe DepartmentofNationalDefenceofCanadabutistobecataloguedintheCanadianDefenceInformationSystem(CANDIS),the nationalrepositoryforDefenceS&Tdocuments.HerMajestytheQueeninRightofCanada(DepartmentofNationalDefence) makesnorepresentationsorwarranties,expressedorimplied,ofanykindwhatsoever,andassumesnoliabilityfortheaccuracy, reliability,completeness,currencyorusefulnessofanyinformation,product,processormaterialincludedinthisdocument.Nothing inthisdocumentshouldbeinterpretedasanendorsementforthespecificuseofanytool,techniqueorprocessexaminedinit.Any relianceon,oruseof,anyinformation,product,processormaterialincludedinthisdocumentisatthesoleriskofthepersonso usingitorrelyingonit.Canadadoesnotassumeanyliabilityinrespectofanydamagesorlossesarisingoutoforinconnection withtheuseof,orrelianceon,anyinformation,product,processormaterialincludedinthisdocument. Templateinuse:C20-0226-03436-coverdcd.dotm © HerMajestytheQueeninRightofCanada(DepartmentofNationalDefence),2020 © SaMajestélaReineendroitduCanada(MinistèredelaDéfensenationale),2020 CANUNCLASSIFIED RemoteCollectionofNetworkInformation(ReCoN) ScottMilne ScottMilneConsultingInc. PreparedByScottMilne ScottMilneConsultingInc. TaskID:0007 Version:1.0.2 PSPCContractNumber:W7714-176208/001/IPS TechnicalAuthority:JonathanRisto Contractor’sdateofpublication:January2020 Page1of31 RemoteCollectionofNetworkInformation(ReCoN) TaskID:0007 ScottMilne Jan08,2020 Version1.0.2 REVISIONHISTORY DATE VERSION DESCRIPTION AUTHOR Dec2019 1.0.0 ScottMilne Dec2019 1.0.1 UpdatedbasedonfeedbackfromDRDC ScottMilne Jan2020 1.0.2 UpdatedbasedonfeedbackfromDRDC ScottMilne Page2of31 TableofContents 1. INTRODUCTION......................................................................................................4 1.1 ABSTRACT...........................................................................................................4 1.1.1 Backgroundconcept......................................................................................4 1.1.2 Results...........................................................................................................4 1.1.3 Conclusion.....................................................................................................4 1.2 PROJECTSCOPE....................................................................................................5 1.2.1 WindowsHosts..............................................................................................5 1.2.2 LinuxHosts....................................................................................................6 1.2.3 NetworkInfrastructureElements...................................................................6 1.2.4 Firewall..........................................................................................................7 1.2.5 Peripherals.....................................................................................................7 1.2.6 AdditionalConsiderations.............................................................................7 1.3 REFERENCES........................................................................................................8 1.3.1 Product:Lansweeper.....................................................................................8 1.3.2 Product:SolarWinds......................................................................................8 1.3.3 Product:GLPIwithFusionInventory...........................................................8 1.4 ASSUMPTIONS......................................................................................................8 2. OVERVIEW...............................................................................................................8 2.1 OVERALLSUMMARY............................................................................................8 2.1.1 TestNetwork.................................................................................................8 2.1.2 ProductsEvaluated........................................................................................9 2.1.3 ProductsNotFullyEvaluated......................................................................10 3. DETAILEDANALYSIS..........................................................................................11 3.1 LANSWEEPER.....................................................................................................11 3.1.1 TestNetworkTopology...............................................................................12 3.1.2 Section6.1to6.5Summary.........................................................................12 Figure3:TestTopology............................................................................................12 3.1.3 Section6.6results........................................................................................12 3.2 SOLARWINDS.....................................................................................................16 3.2.1 TestNetworkTopology...............................................................................16 3.2.2 Section6.1to6.5Summary.........................................................................17 3.2.3 Section6.6Results......................................................................................17 3.3 GPLWITHFUSIONINVENTORY..........................................................................22 3.3.1 TestNetworkTopology...............................................................................22 3.3.2 Section6.1to6.5Summary.........................................................................23 3.3.3 Section6.6Results......................................................................................23 4. CONCLUSION.........................................................................................................26 APPENDIXA...................................................................................................................27 Section6.1-Windows..............................................................................................27 Section6.2-Linux....................................................................................................28 Section6.3-NetworkInfrastructureElements.........................................................29 Section6.4-Firewall................................................................................................30 Section6.5–Peripherals...........................................................................................31 Page3of31 1. Introduction 1.1 Abstract 1.1.1 Backgroundconcept 1. TheCOSWsectionatDRDChasbeenconductingsignificantworkintheareaofautomatedCND. Thecapabilitytoaccuratelyidentifyproblemsinthenetworkandtoofferremediationtechniques requiresthatspecificinformationbeavailablefromtheassetsanddevicesonthenetwork.Network identificationactivitiesencountervariousnetworkstates.Thestatesthatthisworkwillberequiredto considerinclude: · Fullnetworkconnectivityanduninterruptedaccesstointernalandexternalresources(e.g.classic enterprisenetworkwithinternetconnectivity). · Limitedorunstable/intermittentnetworkbandwidthtoremotesites(e.g.networkconnections betweensomenetworksitesislimited) · Noexternalnetworkaccess(e.g.anisolatednetwork) 2. Foreachofthenetworkstates1-3above,theCOSWsectionrequirestheinformationlistedin Sections6.1-6.5tobeprovidedwithconsiderationofthefactorslistedinSection6.6.Foreach categoryofdevice/information,ataminimumtwoproductsmustbeidentifiedthatcanprovidethe listedinformation.Bothopensourceandcommercialsolutionsshouldbeconsideredifavailable. 3. Theintentofanend-solutionistobothgatherandcombineinformationoneachtypeofassetintoa centralrepository.Therefore,solutionsthataddressallofthedifferenttechnologieswouldbeof interest,aswouldsolutionsthatmakesuchintegrationpossiblethroughopenAPIsorbyexposing theirdatabases.Suitabilityofeachsolutiontothisgoalshouldalsobeconsidered. 1.1.2 Results 1. Theresultsdisplaytheexistenceofproductscapableofcollectingtherequiredinformation,and whereoutoftheboxfunctionalitylacks,canbesupplementedbycustomizations. 2. Throughtheuseofprovidedconfigurationoptimizations,productscanworkinanetwork disadvantagedenvironment.This,whenusedinconjunctionwithproductagents,canallowforalarge amountofflexibilitywhenworkingindifferentconnectedenvironments.Thisfunctionalityalso allowsforscalabilitytolargeinstallationaswellasheterogeneousconnectionstatesatellitesites 1.1.3 Conclusion 1. Productscurrentlyonthemarketplaceexistthatcan,withacertainamountofcustomization,collect andmaintainaninventoryofnetworkelementsinavariableconnectionstateenvironment.