...

CIDR-notated subnets. These are either manually entered or discovered from a host's interface configuration. Discovery is through NMIS or Open-Audit Enterprise interface information. A subnet is associated with Addresses and Gateways; see below.

 

The base set of information collected and recorded into the above structure is as follows; these entities are associated with a particular Network Domain.

Which contains:

        • Addresses

These are the individual IP addresses; initially these are simply inferred from the Subnet and its mask.

The IP address entry starts as inferred information from the subnets

...

and once network audits

...

(ping sweeps etc.) and the import of information from NMIS and Open-Audit Enterprise are available, the Addresses gain more information, such as a Name, Admin Status, Operational Status, Endpoint(s) and Type (static or dynamic).

The other information collected and recorded into the above structure is as follows; these entities are associated with a particular Network Domain and, in the case of an Address, with a particular Subnet and hence Security Zone.

    • Endpoints 

These are discovered interfaces / MAC addresses. An endpoint is a Network Attachment; in the majority of cases this is the MAC address. These are discovered through NMIS, Open-Audit Enterprise or the host's own ARP table if that subnet is directly attached. In some cases an endpoint may not have a MAC: if the interface does not have a MAC, the endpoint has only an interface name. Endpoints are associated with an Address (potentially a history of addresses if the device changes IP). Endpoints also record other information found from the device, such as interface name, interface description, speed and the manufacturer (taken from the MAC's OUI).
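As an added example (not code from the product or the original page), the sketch below shows Address records inferred from a subnet and its mask, then enriched as Endpoints are discovered, including an endpoint without a MAC and one that changes IP. The record fields, function names and the OUI table are assumptions made for illustration.

```python
import ipaddress

# Constructed OUI table for illustration; a real deployment would load the IEEE registry.
SAMPLE_OUI = {"02AA00": "Example Vendor A", "02BB00": "Example Vendor B"}

def infer_addresses(cidr):
    """Create one inferred Address record per usable host IP in the subnet."""
    net = ipaddress.ip_network(cidr, strict=False)
    return {str(ip): {"subnet": str(net), "state": "inferred", "endpoints": []}
            for ip in net.hosts()}

def normalise_mac(mac):
    """Return 12 upper-case hex digits, or None when the interface has no MAC."""
    if not mac:
        return None
    digits = "".join(c for c in mac if c.isalnum()).upper()
    if len(digits) != 12 or any(c not in "0123456789ABCDEF" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def record_endpoint(addresses, endpoints, ip, mac=None, ifname=None):
    """Attach a discovered endpoint to an Address, keeping its IP history."""
    if ip not in addresses:
        raise KeyError(f"{ip} is outside the known subnets")
    mac = normalise_mac(mac)
    key = mac or f"if:{ifname}"  # MAC-less endpoints are keyed by interface name
    ep = endpoints.setdefault(key, {
        "mac": mac, "ifname": ifname,
        "manufacturer": SAMPLE_OUI.get(mac[:6], "unknown") if mac else None,
        "address_history": []})
    if not ep["address_history"] or ep["address_history"][-1] != ip:
        ep["address_history"].append(ip)  # device changed IP: extend the history
    addr = addresses[ip]
    addr["state"] = "discovered"  # no longer merely inferred from the mask
    if key not in addr["endpoints"]:
        addr["endpoints"].append(key)
    return ep

def demo():
    """Constructed sample: a /29 from the documentation range and three sightings."""
    addresses, endpoints = infer_addresses("192.0.2.0/29"), {}
    record_endpoint(addresses, endpoints, "192.0.2.2", mac="02:aa:00:12:34:56", ifname="eth0")
    record_endpoint(addresses, endpoints, "192.0.2.5", mac="02-AA-00-12-34-56", ifname="eth0")
    record_endpoint(addresses, endpoints, "192.0.2.3", ifname="tun0")
    return addresses, endpoints
```

Addresses that stay in the `inferred` state after an audit have never been seen on the wire, while an endpoint whose history has more than one entry is a device that moved IP.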

...