What are the requirements for Policy scanning?

Policy scanning can be accessed within Security Center > Network scan and requires it's own scanning profile to be set up in order to work properly. 

Requirements

  • Policy scanning requires scanning profiles to be set up with credentials to access the assets 
  • You cannot mix Windows and Linux assets in a single scan
  • You need separate policy scanning profiles for Linux and Windows systems 
  • Microsoft Windows assets requires the WinRM 2.0 (Microsoft Windows Remote Management) to be enabled and port 5985/tcp to be accessible (access granted in firewall)
  • Linux/Unix assets requires Secure Shell (SSH) to be enabled and accessible

Notes

WinRM port 5985/tcp on Microsoft Windows is a HTTP port. The actual transferred SOAP data is however already encrypted to secure the data sent and received. 

You can setup several policy scanning profiles with different authentication records if you are using different accounts among different assets

Microsoft Windows assets

Creating policy scanning profile  

  1. Create a policy scanning profile 
  2. Select a Microsoft Windows policy template
  3. Apply authentication details for your Microsoft Windows assets
    1. Username
    2. Password
    3. Domain (optional)
  4. Save

Scanning Linux/Unix assets

Creating policy scanning profile  

  1. Create a policy scanning profile 
  2. Select a Linux/Unix policy template
  3. Apply authentication details for your Linux/Unix assets
    1. SSH Port
    2. Username
    3. Password
      • or use Private Key together with a Passphrase 
  4. Save

You can find more information about setting up your Policy profiles in this article:
How do I create a Policy profile?

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.