The Web audit and Internet DMZ audit templates do not include any of these discovery methods. If the application cannot verify that an asset is live with one method, it will revert to another. Using more than one discovery method promotes more accurate results. See Make your environment “scan-friendly”. Be mindful of where you deploy Scan Engines and how Scan Engines interact with firewalls. This can reduce the overall accuracy of your scans. In either case, the application reports the asset to be DEAD in the scan log. If a firewall is on the network, it may block the requests, either because it is configured to block network access for any packets that meet certain criteria, or because it regards any scan as a potential attack. The potential downside is that firewalls or other protective devices may block discovery connection requests, causing target assets to appear dead even if they are live. ICMP echo requests (also known as “pings”).Three methods are available to contact assets: Filtering out dead assets from the scan job helps reduce scan time and resource consumption. Determining if target assets are liveĭetermining whether target assets are live can be useful in environments that contain large numbers of assets, which can be difficult to keep track of.
If you choose not to configure asset discovery in a custom scan template, the scan will begin with service discovery. reporting any assets with unauthorized MAC addresses.collecting information about discovered assets.Asset discovery configuration involves three options:
0 kommentar(er)
