So I got a request from a customer recently to have his three datacentres scanned to discover what devices were actually on the different network segments and then proceed with vulnerability assessment scans of the managed hosts. So far nothing I hadn't encountered before, but this particular CISO was a wizened old guy recently appointed to "shape up" this customer's IT security operations, and in a no-nonsense way he described exactly how he wanted the results presented.
In addition to the normal asset listings, he wanted the results of the discovery scans presented in a map layout where he could get a "big picture" overview and drill down on specific segments and hosts to get more details. I could see right away how this would be useful to him and that it would certainly benefit other customers if added to my standard documentation procedure for these types of assignments, so I agreed after asking a few follow-up questions to make sure we had our expectations in sync.
Back at the office I started by evaluating the existing "network map generating" scanners I could find. Since Microsoft axed the "network discovery" features of Visio after acquiring it, the current favourite (judging by Google results) seems to be SolarWinds' LANsurveyor product, which neatly fills the gap by being integrated as a Visio add-on. The drawback is the legacy of SolarWinds as a network management software vendor heavily into SNMP: without SNMP access to routers and switches, the discovery options of LANsurveyor are severely limited. Also, the information gathered on servers was less than impressive, and the device icons and network layout looked really crappy. All other options were just as bad or priced out of my range.
Back to basics, I figured, and set upon searching for Visio scripting options. This looked promising, so I dived in, not knowing the horrors that lay in wait under the slick facade of Visio. Basically, the Visio backend is a huge spreadsheet, or collection of spreadsheets. Each item in Visio (Document, Page, Shape, etc.) is described by a "Property Sheet" that looks similar to a simple database or spreadsheet comprised of "Sections" (tables with untyped columns) and "Rows" containing "Cells". To spare you the gory details, I'll just say that the loose typing of the cells (due to the API's VBA roots) doesn't jibe with C# too well, so it was a bit of a pain to figure out how to get and set the property values.
After a couple of days of bashing away at this (and learning a bit of XPath along the way), I had something that actually drew a "map" of a subnet by connecting an Ethernet shape with Server, Switch, Router, etc. shapes, nicely laid out in rows of n shapes. After figuring out how to bypass the VB vs. C# typing issues, getting the properties of each device (Hostname, MACAddress, OStype, Vendor, identified services, etc.) into the "Custom Properties" of each shape was a snap! I still need to figure out how to programmatically add overlay graphics ("Data Graphics") onto the device shapes, but with these manually added it's looking promising.
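To make the "rows of n shapes plus Custom Properties" part concrete, here is an added example in C# against the Visio interop assembly; it is not the tool described in this post. It assumes a stencil file (placeholder path) containing masters named "Ethernet" and "Server", and the host list is constructed sample data, not scan output.

```csharp
using System;
using Visio = Microsoft.Office.Interop.Visio;

// Added example, not the author's code: one Ethernet shape per subnet, hosts
// laid out in rows of PerRow server shapes, each connected to the Ethernet
// shape and carrying Hostname/MACAddress/OStype as Custom Properties (Prop.*).
class SubnetMap
{
    const string StencilPath = @"C:\placeholder\network_stencil.vssx"; // assumed
    const int PerRow = 4;

    static void Main()
    {
        // Constructed sample discovery data (hostname, MAC, OS type)
        var hosts = new[] {
            ("web01", "00:11:22:33:44:01", "Linux"),
            ("db01",  "00:11:22:33:44:02", "Windows Server"),
            ("app01", "00:11:22:33:44:03", "Linux"),
            ("app02", "00:11:22:33:44:04", "Linux"),
            ("bak01", "00:11:22:33:44:05", "FreeBSD"),
        };

        var app = new Visio.Application();
        Visio.Document doc = app.Documents.Add("");
        Visio.Page page = doc.Pages[1];
        Visio.Document stencil = app.Documents.OpenEx(StencilPath,
            (short)Visio.VisOpenSaveArgs.visOpenDocked);
        Visio.Master ethMaster = stencil.Masters.get_ItemU("Ethernet"); // assumed master name
        Visio.Master srvMaster = stencil.Masters.get_ItemU("Server");   // assumed master name

        // Drop() coordinates are page units (inches); the bus sits above the host rows
        Visio.Shape eth = page.Drop(ethMaster, 4.0, 9.0);
        SetProp(eth, "Subnet", "192.0.2.0/24"); // RFC 5737 documentation range

        for (int i = 0; i < hosts.Length; i++)
        {
            double x = 1.5 + (i % PerRow) * 1.75;   // column within the row
            double y = 7.0 - (i / PerRow) * 1.5;    // new row every PerRow hosts
            Visio.Shape srv = page.Drop(srvMaster, x, y);
            srv.Text = hosts[i].Item1;
            SetProp(srv, "Hostname", hosts[i].Item1);
            SetProp(srv, "MACAddress", hosts[i].Item2);
            SetProp(srv, "OStype", hosts[i].Item3);
            srv.AutoConnect(eth, Visio.VisAutoConnectDir.visAutoConnectDirNone); // dynamic connector
        }
        doc.SaveAs(@"C:\placeholder\subnet_map.vsdx"); // assumed output path
    }

    // Adds a named row to the Custom Properties section if it is missing, then sets
    // label and value. Cells take formulas, so string values must be double-quoted.
    static void SetProp(Visio.Shape shape, string name, string value)
    {
        if (shape.CellExistsU["Prop." + name, 0] == 0)
            shape.AddNamedRow((short)Visio.VisSectionIndices.visSectionProp, name,
                              (short)Visio.VisRowTags.visTagDefault);
        shape.CellsU["Prop." + name + ".Label"].FormulaU = "\"" + name + "\"";
        shape.CellsU["Prop." + name].FormulaU = "\"" + value.Replace("\"", "\"\"") + "\"";
    }
}
```

Once the rows exist, the same `Prop.<name>` cell names are what Data Graphics bind to, so the values written here are the ones the shape overlays can display.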
I'm running this post a bit long so I'll wrap up for now by publishing the first version of the thing to solicit comments, ideas and criticism.
I hope to someday refactor this into something that might be useful in the real world, but that will have to wait until I have a few days of downtime to spend on it again. 'Til then, the more feedback I get, the more inclined I'll be to actually make something of it. "I look forward to your letters..."