- 16 Jun 2024
- 3 Minutes to read
- Print
- DarkLight
- PDF
Axonius Network Discovery
- Updated on 16 Jun 2024
- 3 Minutes to read
- Print
- DarkLight
- PDF
Axonius-provided Axonius Network Discovery adapter, performing standardized network discovery.
The Axonius Network Discovery adapter scans your network and discovers the assets connected to the network. This is an active scan and could be flagged by security systems as a possible penetration. The Axonius Network Discovery adapter runs on every discovery cycle and at any other custom discovery cycle configured. Information fetched by this adapter can include the following parameters, depending on the asset.
- IP address
- Host name
- OS
- Open ports and their common use
- MAC address
This adapter fetches the following types of assets:
- Devices
- Certificates
Parameters for Customer-hosted (on-premise / private cloud)
- Use Auto-discover Subnet - Select this option to use the auto-discover IP range for the network discovery. This is a subnet of the Axonius machine (based on the IP address of the Axonius machine).
- Additional Network Subnets - Set an IP range to use. When working with customer-hosted machines this is an optional field. The IP range should be input in CIDR format of IPv4 or IPv6 style for example 10.0.0.0/24 or 2001:0db8:85a3:0000:0000:8a2e:0370:7334/64. Multiple ranges are supported using a delimiter.
- Exclude Network Subnets - Set an IP range to exclude. The IP range should be input in CIDR format of IPv4 or IPv6 style for example 10.0.0.0/24 or 2001:0db8:85a3:0000:0000:8a2e:0370:7334/64. Multiple ranges are supported using a delimiter. Multiple ranges are supported using a delimiter.
- Ports to scan (default Top 100) - Set the number of ports to scan, either 'Top 100', 'Top 1000' or 'Full’ for all ports (1-65535); or 'Custom only' - If you select 'Custom only', only the custom ports listed in the Custom ports to scan field are scanned.
- Custom ports to scan (use comma or hyphen) - You can add custom ports to scan, either specific ports separated by commas, or a range of ports separated by hyphens. If you select Top 100 or Top 1000 in the ports to scan field, the system will scan those ports, and in addition it will scan any ports listed in this field. If you only want to scan the ports listed in this field, select Custom only in the Ports to scan drop down.
- Hosts to exclude from scan - Enter a comma separated list of hosts to exclude from the scan.
- Ports to exclude from scan - Enter a comma separated lists of ports to exclude from the scan.
- Comma separated list of new DNS resolvers - Add a comma separated list of DNS resolvers. The system will then use them to get the DNS name of the device from the IP address.
Parameters for Axonius-hosted (SaaS)
If the source for an adapter connection is only accessible by an internal network, you must set the relevant Gateway Connection as part of the Adapter Connection settings.
- Network Subnets - Set an IP range to use. For Axonius-hosted (SaaS) systems, this parameter is a required field. The IP range should be input in CIDR format of IPv4 or IPv6 style for example 10.0.0.0/24 or 2001:0db8:85a3:0000:0000:8a2e:0370:7334/64. Multiple ranges are supported using a delimiter.
- Ports to scan - Set the number of ports to scan, either 'Top 100' , 'Top 1000' or 'Full’ for all ports (1-65535).
- Gateway Name - You have to select a gateway connection when running the Network Scanner adapter on Axonius-hosted (SaaS) systems.
Any additional parameters are the same as above under Parameters for Customer-hosted (on-premise / private cloud).
Advanced Settings
Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters.
- Fetch certificate data from hosts (default: Disabled) - Select how to fetch certificate data from hosts, either in Normal Fetch, Background Fetch or Disabled.
To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.
Protocols Used
The following protocols are used in the scan:
ICMP, ARP, Banner Grabber
Tools Used
The following open source tools are used by the scanner:
Supported From Version
Supported from Axonius version 4.6