- Knowledge base
- Network & System Security
- Authenticated Network Scanning
-
Security updates
-
Product news
-
Next-Gen Vulnerability Management
-
Getting started
-
General
-
Operating status
-
Network & System Security
-
Web Application Security
-
Cloud Security
-
API Security
-
Phishing Simulation & Awareness Training
-
Attack Surface Management
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset management
-
Vulnerability manager
-
Reports
-
Digest reports
-
Organizer
-
Continuous monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & conditions
-
Dashboard
How do I configure a scan profile for authenticated scanning?
You need to configure your network scan profile to enable authenticated scanning on your network assets. Follow this step-by-step guide to ensure the correct configuration.
Set up the scan profile
- Log in to the Security Center.
- Click Scan Network in the header.
- Click Scan Profiles. From here, you have two options:
- Create a new scan profile following the steps below.
- Edit an existing web application following the steps below.
- In the window menu, under General settings, set the following:
- Name (enter a name, e.g., "Authenticated scan - Windows Servers").
- Set the Scan type to Full Scan (this includes the complete coverage for all vulnerability tests).
- In the window menu, click on Authentication.
- Decide whether you are authenticating towards Linux/Unix, Windows systems, or both. Follow the relevant instructions below.
Linux/Unix authentication record
- Set the Authentication information by clicking the drop-down and selecting New.
- Select a Name for your Authentication Record
- Add the Port to be used for authentication if you have a specific port. Otherwise, the standard port 22 will be used.
- Type the Username to be used for the authentication.
- Choose the method of authentication: SSH Key or Password.
- Add the information based on the choice you made.
- Done!
Linux Authentication Method
For the password option, we require password authentication to be turned on for the SSH service.
For the SSH Key option, we require an SSH-authorized RSA private key.
Windows authentication record
- Set the Authentication information by clicking the drop-down and selecting New.
- Select a Name for your Authentication Record
- Type in the credentials you would like to use for your authenticated scan.
- Username
- Password
- Domain
- Choose which NTLM protocol (NTLM v2, NTLM v1, or NTLM v2 Only) to use based on your network configuration.
- Done!
Windows authentication user account
To ensure you have the necessary privileges for authenticated System & Network Scanning in Windows operating systems, we strongly suggest referring to this article on creating a custom domain user account for authenticated scans.
https://support.holmsecurity.com/knowledge/how-do-i-set-up-a-custom-domain-user-account-for-authenticated-scans