Axonius Network Discovery - Scan
- 22 Dec 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Axonius Network Discovery - Scan
- Updated on 22 Dec 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Axonius Network Discovery - Scan scans Devices IP addresses for:
- Assets returned by the selected query or assets selected on the relevant asset page.
Note that Axonius Network Discovery is unable to enrich MAC addresses if the target address is not in the same subnet as the scanning node.
See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.
Note:
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs, Adapters Fetch History, and Asset Investigation modules.
- See Actions supported for Vulnerabilities.
- See Actions supported for Software.
Required Fields
These fields must be configured to run the Enforcement Set.
- Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
- Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
- Ports to Scan (default: Top 100) - Set the number of ports to scan, either 'Top 100', 'Top 1000' or 'Full’ for all ports (1-65535); or 'Custom only' - in this case, only the custom ports listed under Custom ports to scan (see Additioanl Fields) are scanned.
- Fetch certificate data from hosts - Select how to fetch certificate data from hosts, either in Normal Fetch, Background Fetch or Disabled (default).
Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.
- Gateway Name - Select the Gateway through which to connect to perform the action.
Additional Fields
These fields are optional.
- Ports to Exclude From Scan (Comma Separated) - Enter a comma separated lists of ports to exclude from the scan.
- Custom ports to scan (use coma or hyphen) - You can add custom ports to scan, either specific ports separated by commas, or a range of ports separated by hyphens.
- If you select Top 100 or Top 1000 in the Ports to scan required field, the system will scan those ports, and in addition it will scan any ports listed in this field.
- If you only want to scan the ports listed in this field, select Custom only in the Ports to scan drop down.
- Comma separated list of new DNS resolvers - Add a comma separated list of DNS resolvers. The system will then use them to get the DNS name of the device from the IP address.
- Also Enrich Other Adapters Ports (default: True) - When this option is enabled, ports that were already aggregated in the asset by other adapters are further scanned by the Axonius Network Discovery adapter. This is useful for cases where the transport and application layers were not fully detected in previous enrichments.
APIs
Axonius Network Discovery uses the following open source tools:
For more details about other Enforcement Actions available, see Action Library.
Was this article helpful?