Axonius Cybersecurity Asset Management: Customer-hosted (on-premise / private cloud)

In on-premise deployments, Axonius is deployed on a virtual appliance that is part of your organization’s internal network.

How It Works & System Architecture

The Axonius solution is deployed as a single virtual appliance. It does not rely on more traditional methods of acquiring data for asset inventories, such as:

• Listening and monitoring network traffic.
• Scanning the network for systems that are online at the time of the scan.
• Installing additional endpoint agents.

To aggregate and correlate asset data, Axonius securely fetches data on periodic and custom discovery cycles from your IT, Security, and Infrastructure solutions using pre-built integrations with hundreds of security and management solutions, known as adapters.

Once the virtual appliance is deployed, the solution utilizes adapters to connect to its target data sources. Each adapter requires basic configuration information, including the hostname or IP address of the target system, and the relevant read only access credentials. For example, in the case of Microsoft Active Directory, the solution needs the IP address or hostname of a Domain Controller and a username/password with sufficient privileges to read all relevant objects.

If an adapter needs to connect to a solution on a separate segregated network, a Compute Node virtual machine (VM) can be deployed to relay the information to the Primary Node VM through a dedicated network IP port with all traffic being encrypted across this protocol.

For more details on adapters and enforcement actions, see:

• Adapter List
• Enforcement Center - Action Library
• Connecting Additional Axonius Collector Nodes