Manage Your Networks

How do I create a network?

Unit Manager access to a network

Why don't I see the Networks tab?

Scanner/Reader access to a network

Tell me about the Global Default Network

Where can I see my networks?

Tell me about the Global EC2 Network and Global Azure Network

Who can scan the Global Default Network?

Can I create a network without scanner appliances?

Who can scan custom networks?

Can I delete my network?

Tell me about the host assets list

How do I organize assets by network?

 


How do I create a network?

Managers can create networks by going to Assets > Networks > New > Network. Give the network a name and assign it one or more scanner appliances.

Why don't I see the Networks tab?

The Network Support feature must be turned for your subscription. Contact Support or your account manager to get this feature.

Tell me about the Global Default Network

The Global Default Network is used to scan assets that do not belong to custom networks. Initially, when we turn on Network Support for your account, scan configurations will be assigned to the Global Default Network. You can change the network for an appliance and schedule but not for an asset group. Want to scan your network perimeter? You'll need to choose the Global Default Network.

Tell me about the Global EC2 Network and Global Azure Network

Global EC2 Network: All the assets that are detected by the Amazon Web Services (AWS) EC2 connector and that do not belong to custom networks are assigned to The Global EC2 Network. The Global EC2 Network is the default network that gets automatically assigned for all such assets. After the asset is scanned, the network assignment of EC2 asset is dependant on the network in which scanner is placed.

Global Azure Network: All the assets that are detected by the Microsoft Azure connector and that do not belong to custom networks are assigned to Global Azure Network. The Global Azure Network is the default network that gets automatically assigned for all such assets. After the asset is scanned, the network assignment of Azure asset is dependant on the network in which scanner is placed.

Can I create a network without scanner appliances?

Yes, but you need to select an internal or an external scanner, depending on the type of targets in your network, when you launch a scan.

Can I delete my network?

Yes, Managers can delete networks. Go to Assets > Networks, identify the network you want to delete, and select Delete from the Quick Actions menu. We'll provide you with a Conflict Report when the network has data associated with it like assets, schedules and scanner appliances. Review the report for all the details.

How do I organize assets by network?

Create new asset groups and select a network for each asset group. Each asset group can be associated with only one network. Once the asset group is saved, you cannot change its network assignment.

How do I give a Unit Manager access to a network?

Edit the user’s business unit and assign the business unit an asset group associated with the network. Make sure the asset group has a network scanner appliance.

How do I give a Scanner or Reader access to a network?

Edit the user’s account and assign the user an asset group associated with the network. Make sure the asset group has a network scanner appliance when assigning it to a Scanner user, otherwise the user won’t be able to scan the IPs within the network even if assigned those IPs.

Where can I see networks available to me?

Go to Assets > Networks. You'll see all the networks that you have access to.

Who can scan the Global Default Network?

Managers and Auditors have permission to scan this network. Unit Managers and Scanners must be assigned at least one asset group associated with the Global Default Network in order to scan the Global Default Network.

Who can scan custom networks?

Managers and Auditors can scan any custom network as long as the network has a scanner appliance assigned to it. If the network doesn't have an appliance then it cannot be scanned.

Unit Managers have permission to scan custom networks that they have access to. The user's business unit must be assigned at least one asset group associated with the network, and the asset group must have a network scanner appliance.

Scanners have permission to scan custom networks that they have access to. The user must be assigned at least one asset group associated with the network, and the asset group must have a network scanner appliance. You can scan your public facing targets in the custom network using external scanner appliances.

Show me a sample use case

Tell me about the host assets list

You'll notice that all IPs in your account will be listed for every network on the Host Assets list. There you can expand a network to get host information for any IP. It's only after a host has been scanned that you'll see host scan data in the host information.