Local Network Inspector

The Local Network Inspector gives you a live map of the on-site network behind each plant — every switch, router, camera, logger and meter on the local subnet — discovered and health-checked automatically by the on-site Mirox-Agent. You see what is connected, whether it is reachable, and how the data path from the cloud down to each logger is holding up, without ever setting foot on site.

Concept

Data only flows when the local network underneath a plant is healthy. The Local Network Inspector is the part of the Mirox-Agent that watches that network from inside the site. It scans the configured subnets, builds an inventory of the devices it finds, classifies them, and keeps polling them so you always know their state.

Because the inspector runs on the agent at the edge, it sees the plant's local network directly — the same view a technician on site would have — and reports its findings back up to the platform. You interact with it entirely from the Mirox-Cloud interface: trigger a scan, review discovered devices, adjust how each one is checked, and watch the results stream in.

Automatic Device Discovery

The inspector finds devices on the local network on its own. A discovery sweep walks the plant's subnets through a layered sequence, each step adding more detail about what it found:

  • ICMP Sweep: Pings every address in the configured subnets to find which hosts are alive.
  • Address Resolution: Reads the local address table to pair each live host with its hardware (MAC) address.
  • Vendor Lookup: Derives the device manufacturer from the hardware address registry (MAC OUI).
  • SNMP Probe: Where a device responds to SNMP, the inspector reads its system description, name and object identity for a richer fingerprint.
  • Classification: Combines all the evidence — including a built-in catalog of hundreds of network operating systems and tens of thousands of registered vendors — to label the device's vendor, type, model and operating system.

For devices that simple pattern-matching cannot identify, the inspector applies AI device identification: it packages the raw fingerprint evidence and asks the platform's AI to recognize the device family. This catches equipment that brittle rules miss.

Each discovered device is recorded with its address, hardware address, vendor, type, model, first-seen and last-seen times, and how it was found. You can add devices manually as well — useful for equipment that does not answer a scan but still needs to be tracked.

Scheduled Scanning

Discovery runs automatically on a schedule sized to the network: smaller plants are scanned hourly, larger ones daily, and very large address ranges fall back to manual scans only. You can also trigger a scan at any time, abort one in progress, or re-check a single device on demand.

Continuous Device Monitoring

Once a device is known, the inspector keeps checking it so you find out the moment something drops. Each device has its own monitoring profile that you can tune:

  • ICMP Reachability: Ping-based availability checks confirm the device is responding.
  • TCP Port Checks: Verify that specific services are listening on the ports you expect.
  • HTTP Endpoint Checks: Confirm a web endpoint responds, for devices that expose one.
  • SNMP Polling: For SNMP-capable devices, collect system, interface and resource readings.

You set the polling interval and which checks to run per device, and you can disable monitoring on devices you do not care about. Each device reports a clear state — online, offline or unknown — alongside its history.

Availability and Latency History

For each monitored device the inspector keeps a history you can chart over a chosen time window:

  • Availability: The share of time the device was reachable, broken into online / offline / unknown segments.
  • Ping Latency: Response-time trend, to spot a link that is degrading before it fails.
  • Packet Loss: Communication-quality trend on the path to the device.

This turns a vague "the logger keeps dropping out" complaint into a precise, time-stamped record you can act on.

Subnet Awareness

The inspector understands which subnets belong to a plant, taken from the plant's VPN routes. It reports how many devices it has found in each subnet, and flags any device whose address falls out of range of every configured subnet — a sign that a network route was removed or a device was misconfigured. This keeps your device inventory aligned with the network the platform can actually reach.

Connection Status and Topology

The inspector's device inventory is one link in a longer chain. The platform stitches the full path together into a live connection topology for each plant, so you can see exactly where a break sits:

Cloud → Agent → Infrastructure → Organization VPN → Network Devices → Loggers

The connection topology renders this chain per plant, with an extra branch for each direct plant VPN. Network devices are grouped under the VPN whose address range contains them.

A logger that sits behind an offline device is shown as unreachable even if the logger itself last reported as healthy — the chain inherits the worst state along the path. A separate Connection Status view rolls this up across every plant you can access, so you can scan your whole portfolio for trouble at a glance.

Remote Device Access

Many discovered devices expose a web interface for their own administration. Rather than open a VPN client, you can reach a device's web UI through the Mirox Proxy straight from your browser. The inspector tracks which devices have a reachable web interface and links them to their proxy entry, so jumping from "this switch looks unhealthy" to its admin page is one click.

Security and Access

The Local Network Inspector is a plant sub-resource, so access follows the plant's permission model:

  • Viewing devices, status and topology requires a technical job role on the plant — Technical Manager or higher (including Operator). Cooperating organizations with the required role on a shared plant are included.
  • Triggering scans and editing device monitoring requires the same technical authority (modify rights on plant components).
  • Stored device credentials (such as SNMP secrets) are gated more tightly still and are never exposed in the device list — they live behind a dedicated, higher-privilege credentials view.

On-Site Scope

The inspector only sees devices on the plant's own local network, reached through the plant's VPN. It is not a general internet scanner, and it never crosses into another organization's network.

What Is Not Included

To set expectations, the inspector focuses on discovery, classification and reachability. It does not perform path-tracing (traceroute), DNS resolution testing, routing-table or firewall-rule inspection, or any automated remediation such as restarting services or resetting device configuration. Diagnosis and repair remain with you and your technicians; the inspector's job is to tell you precisely what is connected and what state it is in.

  • Proxy — browser-based access to a discovered device's web interface without a VPN client
  • VPN — the secure tunnel that lets the agent and the platform reach the plant's local network
  • Real-Time Monitoring — the production-data path that the inspected network keeps healthy
  • Events — notifications raised when connectivity or a logger changes state
  • Digital Twin — the analysis layer that depends on a healthy data path

Technical Implementation

For how the on-site agent discovers and scrapes the local network, see the Data Scraper architecture page.

MIT Licensed | Copyright 2026 Mirox Verwaltungs GmbH