Axonius Network Discovery
  • 07 Jan 2024
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Axonius Network Discovery

  • Dark
    Light
  • PDF

Article Summary

Axonius-provided Axonius Network Discovery adapter, performing standardized network discovery.
The Axonius Network Discovery adapter scans your network and discovers the assets connected to the network. This is an active scan and could be flagged by security systems as a possible penetration. The Axonius Network Discovery adapter runs on every discovery cycle and at any other custom discovery cycle configured. Information fetched by this adapter can include the following parameters, depending on the asset.

  • IP address
  • Host name
  • OS
  • Open ports and their common use
  • MAC address

This adapter fetches the following types of assets:

  • Devices

Parameters for Customer-hosted (on-premise / private cloud)

  1. Use Auto-discover Subnet - Select this option to use the auto-discover IP range for the network discovery. This is a subnet of the Axonius machine (based on the IP address of the Axonius machine).
  2. Additional Network Subnets - Set an IP range to use. When working with customer-hosted machines this is an optional field. The IP range should be input in CIDR format of IPv4 or IPv6 style for example 10.0.0.0/24 or 2001:0db8:85a3:0000:0000:8a2e:0370:7334/64. Multiple ranges are supported using a delimiter.
  3. Exclude Network Subnets - Set an IP range to exclude. The IP range should be input in CIDR format of IPv4 or IPv6 style for example 10.0.0.0/24 or 2001:0db8:85a3:0000:0000:8a2e:0370:7334/64. Multiple ranges are supported using a delimiter. Multiple ranges are supported using a delimiter.
  4. Ports to scan - Set the number of ports to scan, either 'Top 100', 'Top 1000' or 'Full’ for all ports (1-65535).
  5. Hosts to exclude from scan - Enter a comma separated list of hosts to exclude from the scan.
  6. Ports to exclude from scan - Enter a comma separated lists of ports to exclude from the scan.
  7. Comma separated list of new DNS resolvers - Add a comma separated list of DNS resolvers. The system will then use them to get the DNS name of the device from the IP address.

AxoniusNetworkDiscovery

Parameters for Axonius-hosted (SaaS)

Note:

If the source for an adapter connection is only accessible by an internal network, you must set the relevant Tunnel Connection as part of the Adapter Connection settings.

  1. Network Subnets - Set an IP range to use. For Axonius-hosted (SaaS) systems, this parameter is a required field. The IP range should be input in CIDR format of IPv4 or IPv6 style for example 10.0.0.0/24 or 2001:0db8:85a3:0000:0000:8a2e:0370:7334/64. Multiple ranges are supported using a delimiter.
  2. Ports to scan - Set the number of ports to scan, either 'Top 100' , 'Top 1000' or 'Full’ for all ports (1-65535).
  3. Tunnel Name - You have to select a tunnel connection when running the Network Scanner adapter on Axonius-hosted (SaaS) systems.
Note:

Any additional parameters are the same as above under Parameters for Customer-hosted (on-premise / private cloud).

Protocols Used

The following protocols are used in the scan:
ICMP, ARP, Banner Grabber

Tools Used

The following open source tools are used by the scanner:

Supported From Version

Supported from Axonius version 4.6


Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.