Active Discovery is a feature to enforce data enrichment on the network. Active Discovery is an optional feature that explores traffic in an active way. All components are not found by Cisco Cyber Vision because those devices have not been communicating from the moment the solution started to run on the network. Some information, like firmware version, can be difficult to obtain because it is not exchanged often between components.

With Active Discovery enabled, broadcast and/or unicast messages are sent to the targeted subnetworks or devices through sensors, to speed up network discovery. Returned responses are analyzed and tagged as Active Discovery. Components and activitiesare clarified with additional and more reliable information than may be found through passive DPI. The following table lists the supported protocols.

Active Discovery is available on the following devices:

• Cisco Catalyst IE3300 10G Rugged Series Switch

• Cisco Catalyst IE3400 Rugged Series Switch

• Cisco Catalyst IE9300 Rugged Series Switch

• Cisco Catalyst 9300 Series Switch

• Cisco Catalyst 9400 Series Switch

• Cisco IC3000 Industrial Compute Gateway

• Cisco IR8340 Integrated Services Router Rugged

Active Discovery jobs can be launched at fixed time intervals or just once.

For more information and instructions on how to configure Active Discovery in Cisco Cyber Vision, refer to the Cisco Cyber Vision Active Discovery Configuration Guide.