diff --git a/netbox-event-driven-architectures/agents/.README.md b/netbox-event-driven-architectures/agents/.README.md index 9f9ec0e..15f0e7a 100644 --- a/netbox-event-driven-architectures/agents/.README.md +++ b/netbox-event-driven-architectures/agents/.README.md @@ -13,6 +13,9 @@ ``` - Install ContainerLab +``` +# bash -c "$(curl -sL https://get.containerlab.dev)" +``` - Create and activate a virtual environment ``` diff --git a/netbox-event-driven-architectures/agents/monitor_network/monitor_network.py b/netbox-event-driven-architectures/agents/monitor_network/monitor_network.py index 6aec106..e009150 100644 --- a/netbox-event-driven-architectures/agents/monitor_network/monitor_network.py +++ b/netbox-event-driven-architectures/agents/monitor_network/monitor_network.py @@ -27,6 +27,9 @@ def __init__(self): self.netbox_url = os.getenv("NETBOX_URL") self.netbox_token = os.getenv("NETBOX_TOKEN") + self.network_cidr = "172.20.20.0/24" + self.ignore_ips = ['172.20.20.1'] + # Load devices from netbox self.network_devices = self.load_devices_from_netbox() 
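Review bot: The scan range and the ignore list are hard-coded in `__init__` (`self.network_cidr = "172.20.20.0/24"`, `self.ignore_ips = ['172.20.20.1']`), while the two settings directly above them are read from the environment. Because this value decides which network gets swept, it should come from configuration and be validated at startup, for example `self.network_cidr = str(ipaddress.ip_network(os.getenv("MONITOR_NETWORK_CIDR", "172.20.20.0/24")))`, where the variable name is only a suggestion and `ipaddress` would need importing. A typo or malformed prefix then fails fast with a ValueError instead of reaching nmap, and the agent cannot silently scan the lab range when deployed somewhere else. `__init__` starts and continues outside the hunk.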
@@ -70,6 +73,32 @@ async def message_handler(self, msg) -> None: table.add_row([device, ip, ping_status]) await self.nc.publish(self.publish_subject, f"Monitoring for devices in {self.netbox_url} \n {table}".encode()) + + # Scan the subnet and figure out if any devices are there that shouldn't be + + # Initialise nmap PortScanner + nm = nmap.PortScanner() + + # Scan the subnet + current_time = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()) + print(f"{current_time}: Scanning {self.network_cidr}...") + nm.scan(hosts=self.network_cidr, arguments='-sn') + + print(f"Found hosts: {nm.all_hosts()}") + + for host in nm.all_hosts(): + print(f"Comparing host {host} to ignored IPs: {self.ignore_ips} and known IPs: {self.network_devices}") + print(f"Available keys for {host}: {nm[host].keys()}") + if host in self.ignore_ips: + print(f"Ignoring host {host} as it is present in the IP ignore list {self.ignore_ips}") + elif host in list(self.network_devices.values()): + print(f"Ignoring host {host} as it is present in the NetBox inventory: {self.netbox_url}") + else: + # We do not know about this IP so alert on it + await self.nc.publish(self.publish_subject, f"Found unknown host in monitored subnet ({self.network_cidr}) Hostname: {nm[host].hostname()} IPAddress: {host}".encode()) + + + print(table) diff --git a/netbox-event-driven-architectures/lab/srl01.clab.yml b/netbox-event-driven-architectures/lab/srl01.clab.yml index 2696bc3..39a48bd 100644 --- a/netbox-event-driven-architectures/lab/srl01.clab.yml +++ b/netbox-event-driven-architectures/lab/srl01.clab.yml @@ -7,5 +7,14 @@ topology: type: ixrd3 image: ghcr.io/nokia/srlinux nodes: - srl: + srl1: kind: nokia_srlinux + mgmt-ipv4: 172.20.20.2 + + srl2: + kind: nokia_srlinux + mgmt-ipv4: 172.20.20.3 + + srl3: + kind: nokia_srlinux + mgmt-ipv4: 172.20.20.4
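Review bot: `nm.scan(hosts=self.network_cidr, arguments='-sn')` is a synchronous call inside `async def message_handler`, so the event loop is blocked for the whole /24 sweep, and as written every message delivered to the handler starts another sweep. Running it off the loop, e.g. `await asyncio.to_thread(nm.scan, hosts=self.network_cidr, arguments='-sn')`, and skipping the scan when one completed within a short interval would keep the NATS connection responsive and stop a burst of messages from becoming a burst of scans. No hunk in this diff touches the import block, so unless `nmap` and `time` (and `asyncio` for the change above) are already imported, the handler raises NameError on first use. The `elif host in list(self.network_devices.values())` test also assumes the inventory holds bare addresses; if NetBox returns them with a prefix length, every known device would be reported as unknown, which is worth confirming against `load_devices_from_netbox`. The handler's body starts above the hunk.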
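Review bot: The new `mgmt-ipv4: 172.20.20.2` to `172.20.20.4` entries only work while the lab's management network is 172.20.20.0/24, and nothing in this hunk pins that subnet. If the lines above the hunk do not already declare it, adding a top-level `mgmt:` block with `ipv4-subnet: 172.20.20.0/24` would make the dependency explicit rather than relying on the containerlab default. The same range is hard-coded as `network_cidr` in monitor_network.py, so a short comment here pointing at that setting would help keep the two in step.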