Network Discovery
Last updated
Last updated
The CyberCyte portal can discover users network assets with agents. The users select one of the machine for scan the network, users can create another policy for scanning the another network on their side.
Please navigate to "Rules & Policies" -> "Policy Rules". Click on the "+ Policy" button to create a new policy. There is a built-in policy, if new policy required users can use this step. Please select the module named "Scenario and Network Discovery" and type named "IP Scan & Penetration Testing".
Please provide a policy name, assign the policy to the specified group(s) and set the policy enabled. The collection interval can be changed, the default value is 30 minutes. "Scanner Host" section is important, because the selected host machine will do the network discovery. After the host selection, IP blocks should provided. Port scan option is enabled by default but it can be disabled.
The uses can add additional SNMP community names with typing and pressing enter. By default the "Scenario Tests" activated but "Brute Password Tests" and "Vulnerability Scan" options can activated. If "Vulnerability Scan" is selected the scan interval should be selected and time intervals should be defined.
Click to "Save" button to save the policy. When the specified host machine's agent communicate with the portal, it will get the policy and start scanning the network if the current time is matched with the policy; if it is not, the agent will scan the network between the specified intervals on the policy.
The results can be seen under the "Asset Management" -> "Endpoint Management". For an example, please take a look at the image below, the machines are discovered by agent with network discovery.
