The Scanning functionality is dedicated to creating, configuring, and managing network-based scans for deployed external and internal scanners that will target an organization’s infrastructure and attempt to identify vulnerabilities. Each subscription will come pre-configured with the ability to scan externally and should be setup with a dedicated attack surface scanner.

Scan Initialization

Users have the ability to create and configure network-based vulnerability scans against their external and internal network asset targets. To create scans, users should perform the following steps, as described below:
1

Target Creation

Targets and configurations need to be created and saved. Specify the target name, IP address and/or Hostname, as well as the port list, alive test, and the location that the scan will be executed from.
2

Scan Creation

Scans need to be created and tied to the targets that were generated from the initial step. Enter a scan name and then select the created target(s) and scan configuration to assess the targets.
3

Launch or Schedule Scans to Run

Once scans are created and are in the “New” state, users can navigate to the Scan Control or the Schedule page(s) to launch the initial scan on a one-time basis (Scan Control) or scheduled out to run at at designated time and frequency (Schedule).

Target Creation

To create a target, navigate the the Scan Creation page and click Add Target. Users will be prompted to then enter the following values within the New Target prompt:
  • Label: Target or asset name
  • IP Addresses: IP address, IP address range, or domains (fully-qualified hostnames)
  • Port List: Specific ports to scan (All TCP, All TCP and NMAP Top 100 UDP, or All TCP and UDP)
  • Alive Test: What traffic to send to the target assets to perform initial fingerprinting
  • Location: What scanner to use to scan the created targets
Once the target is created, click Submit, and the platform will sync back to the scanner. If the scanner is service successfully creates the targets, the targets will become Available. Once this happens, users can proceed to create scans.

Scan Creation

To create a scan, you will need to attach the targets that were created in the previous steps, name the scan, and choose the scan configuration. Currently, users have the ability to perform two (2) scan configurations:
  • Basic Network Scan: The basic network scan will perform all of the network-based vulnerability tests against the targets that are used for the scan that is created.
  • Discovery: The discovery scan will attempt to probe with the specific Alive Test configurations that were set on the targets that are specified for the scan that is created.
Once the scan has been named, the targets have been selected, and the scan configuration is chosen, select Save, and the scan will be created. When the scan has been saved and synced to the scanner and it has reached the New status, the scan is ready to be launched.

Scan Control

The scan control page displays all the scans that have been created. These scans can be launched directly from the Scan Control page or scheduled out to run on the Schedule page.
The Location of each scanner is setup when the Shield Service is installed on a the target environment. Subscriptions have the ability to contain multiple locations under a single subscription, however, each scanner will have one location (1:1).
The Scan Control module will allow users to view the scans at each location, the name of the scan, and the status of the scan. If a scan has completed successfully, users have the ability to re-sync the information within each scan at any point in time by clicking the purple re-fresh button in the top right corner of the scanner’s location table.
To create scans, users should navigate to the Scan Creation to configure and create the scans.

Schedule

Users can tie created scans to schedules so that the scans run on a one time, daily, weekly, or monthly basis. To schedule a scan to run, navigate to the Schedule and click Add Schedule.
All created scans will be listed in the Scan drop-down box. Users can choose the exact date and time to run the scan, as well as the frequency the scan should occur.