Faddom Setup
Is Faddom safe and secure to install in my environment?
We are secure for the following reasons -
Complete agentless solution
No requirement for credentials
No firewall changes
All Data is stored in your environment
It can be deployed in offline environments
You determine the level of security
It's read-only
We're certified for penetration testing
Compliant with ISO27001
For further information see Is Faddom Secure?
What size VM is needed and what are the other installation prerequisites?
Faddom is a lightweight application and has minimum installation requirements. For detailed information see Installation Prerequisites
How do I access Faddom?
Use your favorite internet browser and use HTTPS to navigate to the address you set up for the Faddom server. How to Access Faddom
How do I login to the Faddom UI?
If installed on a Windows server the Windows user that performed the installation will have access.
On a Linux server the username is Administrator and the password for is set on the first login. It can be reset How to reset the administrator password?
Do we need to open ports for Faddom to work?
See What ports need to be open for Faddom to function? to know which ports Faddom requires.
When do I need to use the offline activation?
When you do not have internet access as the activation is done via the internet connection on the client. See How to Activate Your License Online and Offline
What happens if I receive my license expires and/or I'm issued with a new license?
Your existing data will remain however no new data will be collected until Faddom is reactivated.
Using Faddom in VMware
Which VMWare permissions needed?
VMware access are optional but recommended. For the list of recommended permissions see What are the required vCenter permissions?
Can the user connect more than one vCenter to Faddom?
Yes if they can communicate with each other, you just need to add the credentials for each vCenter instance. If not, a proxy server may be required to further the data from one instance to the other.
In VMware our company only has standard switches and no distributed switches. Can we still use Faddom?
You will need to run Sensor Deployment. For instructions on how to do this see Setting up network traffic collection in VMware
When does Faddom use promiscuous mode in VMWare?
It would be used when NetFlow is not available, i.e. when using standard switches. The Faddom UI will configure this manually when deploying sensors. See How to Deploy A Sensor via Faddom UI
If I don't want to provide Faddom with credentials to vCenter can I install manually?
For distributed switches in VMWare see Configure Netflow In VMware
For standard switches Deploying Faddom Sensors Using Powershell
A complete manual installation is not recommended for standard switches.
Using Faddom in the Cloud
Can Faddom map my public clouds?
Yes, and we work in AWS, Azure, and OCI.
Does Faddom work on AWS GOV Cloud?
Yes, we are full partners with AWS and we support all their regions.
Can the cloud costs be customized with each customer’s discounts?
This is not currently available.
Does Faddom need to access all network traffic to map a hybrid environment?
Faddom will map anything it gets information for. If it does not get all network traffic, it will only provide you with a map of the traffic it collected.
Can Faddom map a cloud environment with multiple regions?
Yes. Each region needs to be added separately, however.
See Mapping a Microsoft Azure subscription using Faddom
See Mapping an AWS Subscription Using Faddom
What Does Faddom Map
How deep does Faddom drill down on the server level?
Faddom collects all the data stored on the vCenter or Hyper-V instance via APIs
Does Faddom support SNMP v3?
We support SNMPv3 for both load balancers (see How to Set Up a Load Balancer) and for physical devices (see Network Topology Mapping)
How does Faddom map routers/switches?
Through SNMP protocols Network Topology Mapping
I can’t get the SNMP to work for the network discovery
For SNMP discovery, there are several things you need to check:
You are using the correct community string
The range of IP addresses that you are scanning covers the devices you want to identify
The firewall allows SNMP traffic between our server and the network devices
The Faddom server IP is allowed to make SNMP queries in the whitelist/ACL on the network devices (not all devices have this requirement)
My Domain Controller has multiple IPs how can I see what is connected to each one?
You can use the search functionality to gather this information and export it to Excel
Is there a way to disable the geo tagging on the IP’s?
Go to Settings -> Discovery Scope and add the subnet there.
For all subnets that are defined as internal, Faddom should show the name of the servers instead of the ASN for those IP addresses.
Can Faddom map all kinds of applications?
Faddom can map any application whether it is an out-of-the box or custom application if it has an IPv4 address. It can map applications from any source and platform.
Can we show the databases the servers are using?
No, as Faddom will only scan the server. It will show information about the server that is stored on the host, and it cannot access applications hosted on servers.
How does Faddom map physical servers?
We collect NetFlow/sFlow from routers, switches, firewalls, and load balancers. When this is not possible, an agent can be installed. See Capturing network traffic using agents
Does Faddom have the ability to drill into apps, services, and processes and how is this done?
We do not drill into services and processes on a VM, however, you can see running processes on VMs using the Service Discovery feature. We use network traffic data to build the dependencies and VMware APIs for details on the servers themselves.
How does Faddom map a VDI environment?
Faddom will map a virtual desktop as a server so you will see full traffic. This will mean that each desktop will impact your license. If you do not want to include them in your license, you can exclude them from discovery by following our How to Exclude Subnets from Discovery guide.
Network Traffic & Data Collection
How does Faddom collect the network traffic?
Faddom collects the traffic through NetFlow/sFlow/Cloud Flow Logs or packet inspection.
What are NetFlow & SFlow?
NetFlow is a network traffic protocol developed by Cisco in 1996. It provides the ability to collect network traffic in an IT environment.
sFlow, is a packet sampling protocol created by InMon Corporation that has seen broad network industry adoption. This includes network equipment vendors that already support NetFlow including Cisco, along with router vendors like Brocade (now Extreme) and in many switching products including those from Juniper and Arista.
Do I need to enable NetFlow through Faddom UI?
For VMWare, you can enable NetFlow through the UI assuming Faddom has sufficient permissions and credentials, but it is not required. You can also enable Netflow manually in VMware. See Configure Netflow In VMware
How does Faddom map multiple environments?
As long as the environments are communicating with each other then Faddom can map them with a single instance. If you have separate environments (e.g. multiple sites) then you can use a proxy server to collect the information in one environment and send it to the other.
Can we map Juniper devices that run using Jflow?
Yes - It is the same as NetFlow v5 which we support.
If an Azure server doesn't have NSG Logs can Faddom build a map through the gateway logs?
No, because Faddom requires the NSG flow logs which the Gateway Logs do not provide.
How does Faddom receive the additional info properties of the servers
Depends on the environment. For a VMware environment, it is collected through the vCenter database (stored for 30 days). With Hyper-V, through the sFlow protocol, and in cloud environments, through APIs.
How does Faddom know the names of the servers?
Faddom gets this information from your DNS server via reverse lookup, or integration with other platforms.
How long should Faddom run before I can use our rightsizing recommendations?
Depends on the environment. For VMware, we already get the data for the last 30 days upon installation. For other environments, we collect while we are running, so it should probably collect for at least two weeks before giving sizing recommendations
Is there a limit to what Faddom can map?
If there is an IP address, then Faddom can map it regardless of the underlying hardware or OS.
Can Faddom map Nutanix AHV?
Faddom can connect to Nutanix AHV to collect VM information. For collecting network traffic, some installation is required on the Nutanix host. Please contact support@faddom.com if you need assistance with this.
Miscellaneous
If the VM that Faddom is installed on fails is there an effortless way to recover it or does the customer need to do a full installation from the beginning?
If there is no local backup or snapshot, then a full installation will need to be performed. Faddom does not take backups or snapshots of itself and this needs to be configured on the hyoer-visor.
What counts as an instance for the pricing plan?
Faddom bases its pricing off the servers in an IT environment, this includes any physical/virtual/cloud-based server in the IT environment being mapped.
How does Faddom discover the SSL certificates?
Faddom analyses SSL packets. This can only be done if full packet capture is enabled. This will not work through Netflow. See How to Manage SSL Certificates
Can we show the servers with the most traffic, so I know the key servers in my environment?
Currently this is not a functionality that we offer.
Can Faddom discover incoming/outgoing traffic in the environment?
Faddom sees all traffic between servers, regardless of whether it is incoming or outgoing. By default, Faddom will not collect traffic that is outgoing from your network to external addresses. This can be enabled on a per-subnet basis in the Settings -> Discovery Scope screen.
How do I update to the latest release?
For Linux, this can be achieved by logging into the server and either running the upgrade script or downloading it
For Windows you need to download and run the setup EXE.
See our article Upgrading the Faddom Server
What happens if my server count exceeds my license?
The servers will still show in the maps, however, you will only have limited information on the servers. You can refer to our Licensing page for more information.
How to upgrade my license?
Email info@faddom.com to upgrade your license.
How does Faddom notify me of changes?
Through the app and by email through SMTP protocol as long as you have configured notifications
See Notifications and Events
What information does Faddom show for Kubernetes?
We show the different services in the cluster and their dependencies. For further information see Discovering Kubernetes
Troubleshooting
I've noticed the Faddom system started running very slowly, it seems to be more responsive after a restart
Check the memory usage on the Faddom server. The default settings for the Faddom server may not be enough to handle your environment.
Faddom has stopped working what can I do?'
This may be an issue with the disk space of the database. See How to increase the size of the database disk on the Faddom virtual appliance?
Why don’t I see any traffic or maps in VMware after I have done the installation?
This is most likely a permissions or NetFlow configuration error. For more information see Faddom is not receiving network traffic from VMware. How I can debug it?
What do I do if I need further support?
You can create a ticket directly from the Faddom UI or by emailing support@faddom.com