Skip to content
  • There are no suggestions because the search field is empty.

What are the most important best practices when setting up in a large environment?

This article highlights the key factors to consider when implementing the product in a large IT organization. By addressing these areas in advance, you can facilitate a more efficient startup process and ensure you are fully oriented once everything is set up.

Asset structure & tags

Begin by entering all assets you plan to scan into Asset Manager, then create tags to organize these assets effectively. The more comprehensive your tagging is from the start, the better prepared you and your team will be once you've run your scans. Tags play a crucial role across all product functionalities, enabling you to implement user team restrictions based on specific tags, run scans, generate tailored reports, and develop remediation plans. While you can tag retrospectively, we strongly advise establishing detailed tags from the beginning to optimize efficiency later. 

Tags frequently used by our most successful customers include:

  • Type of network (External, DMZ, Internal, Servers, clients, etc.)
  • Location (country or city)
  • Area of responsibility (describes which team or person owns the responsibility for the asset)
  • Internal priority scoring (specific system classifications, etc.)
    If this has not been implemented in your organization, you can use our business impact setting.

Useful links about tags

Scanner Appliances & scans

In large IT environments, managing a vast number of host assets presents inherent challenges. Depending on your scanning objectives and frequency, you may find that a single Scanner Appliance is insufficient to complete all scheduled scans within a week. There are also limitations on the total number of IPs that can be included in a single scan run or schedule.

To address these challenges, we advise increasing the number of Scanner Appliances and conducting multiple scans in parallel across different devices. Generally, a Scanner Appliance should only run one active scan at a time to ensure efficiency and accuracy. While it may be feasible for smaller organizations to run multiple scans concurrently, this is best avoided in larger setups.

Read more in-depth

This article provides more details on scanning large networks and how to benefit from additional scanner appliances or additional hardware resources.

Users & teams

The teams feature lets you effortlessly assign roles and delegate permissions to users, streamlining your workflow and improving overall efficiency. As you plan the implementation, take time to consider how your organization will be structured within the product and determine which teams and individuals should have access to which information.

A well-structured approach from the beginning will enable your teams to concentrate on addressing vulnerabilities rather than navigating through excessive data. It's generally beneficial to adopt a minimalist strategy by granting each team access only to the results and tickets related to their systems. allowing them to work more effectively and efficiently. Consider implementing Single Sign-on (SSO) if you have many users.

    Users & team highlights

    • Team structuring 
      Organize your users into distinct teams within the product. Set up multiple teams to align Security Center more closely with your organizational responsibilities.  
    • Roles & permissions 
      Assign specific roles and permissions to each team, controlling your users' access to different parts of Security Center. 
    • Tags & permissions 
      Assign specific tags to a team, along with permissions, so users can access assets with those tags. 
    • Divided permissions 
      Efficiently divide and control asset permissions across your user base. 

    Useful links about teams: