Network polling

Information about the structure of the network and devices on this network is received by Kaspersky Security Center Cloud Console through regular polling of the Windows network, IP ranges, and Active Directory on the corporate network. Network polling can be started either manually or automatically according to a schedule.

Based on the results of this polling, Kaspersky Security Center Cloud Console updates the list of unassigned devices. You can also configure rules for newly discovered devices to be moved automatically to administration groups.

Kaspersky Security Center Cloud Console uses the following methods of network polling:

• IP range polling. Kaspersky Security Center Cloud Console polls the specified IP ranges using Internet Control Message Protocol (ICMP) packets and compiles a complete set of data on devices within those IP ranges.
• Windows network polling. You can run either of the two Windows network polls: fast or full. During a fast poll, Kaspersky Security Center Cloud Console only retrieves information from the list of the NetBIOS names of devices in all network domains and work groups. During a full poll, the following information is requested from each device: operating system (OS) name, IP address, DNS name, and NetBIOS name.
• Active Directory polling. Information about the Active Directory unit structure and about DNS names of the devices from Active Directory groups is recorded to the Kaspersky Security Center Cloud Console database.

Polling results are shown on the Discovery & deployment → Discovery section separately for each polling method.

One device can be shown in more than one detection area. If a device is detected in the HQ domain and its address is 192.168.0.1, the device will appear on both the Windows Domains tab and the IP poll tab. You can modify network polling settings for each polling method. For example, you may want to modify the polling schedule or to set whether to poll the entire Active Directory forest or only a specific domain.