Run Discovery Scans

Run a discovery scan to locate network assets, such as workstations, routers, laptops, and printers. A discovery scan also determines if an IP address is active. You can periodically repeat discovery scans to verify the status of devices, programs, and the delta between the current and previous scans.

Discovered assets do not count toward your license.

  • The TCP discovery ports are 22, 80, 110, 139, 389, 443, 445, 1025, 1433, 1521, 3306, 3389, 5000, 5432, and 27017.
  • Use more than one scanner to distribute the coverage across the network.

Use the Scan Wizard to Create a Discovery Scan

  1. Click Run a New Discovery Scan on the left menu.
  2. Select Scan Type: There are two types of scans to choose from. Select one and click Next.
    • Discover Local Accounts: This scan requires credentials and deploys a local scan service to the scan targets. This scan discovers systems as well as the local user accounts located on them.
    • Detailed Discovery Scan: This scan requires credentials and it deploys a local scan agent to the scan targets, which can be disabled if required. Besides systems, this scan provides associated information on services, scheduled tasks, users, and databases.
  3. Select Scan Targets: Enter scan targets in the field provided. You can enter single IP addresses, IP ranges, addresses in CIDR notation, or named hosts. Items must be separated by commas.
  4. Choose Scan Agent: Select which agents are used to execute the scan. If more than one agent is selected, the scan targets are split between the selected agents. If you have a large number of agents, you can use the filter dropdown menu. Click Next to continue.
A warning banner appears at the top of the screen if your installation includes any Discovery Agents earlier than version 20.1. These must be updated by the end of 2021. You can identify outdated agents by referring to the grid of agents on this screen, which includes the version of each agent.

Click Dismiss to hide the warning banner until your next login. Dismissing the warning banner here does not hide it on the dashboard, and dismissing the warning banner on the dashboard does not hide it on this screen.

Screenshot of the Enter Credentials page in the BeyondInsight Discovery Scan Wizard

  1. Enter Credentials: If the type of scan you select requires credentials, you can select a credential from the Credential List, and/or use the Custom Credential section to provide a credential to use for this scan.
    • If you enter a Custom Credential, click Test Credential to verify its functionality.
    • If using the Credential List, select one or more credentials from a list of available credentials. Either provide a key for each credential or enable the Use the same key for all selected credentials option to provide a Universal Configuration Key used for all selected credentials.

 

Configuration keys are not used or validated for Password Safe credentials.

Use the Search Credentials box to filter the list of available credentials.

If you require a credential that isn't listed, click the Create New Credential hyperlink at the top of the Credential List section to open the Create New Credential form and create a new credential. The new credential is added to the list of existing credentials.

  1. Once credentials have been selected for the scan, click Next.
  2. Name the Scan: Provide a unique name for this scan. The scan name cannot be longer than 58 characters and cannot contain any of the following characters: [ ] ' $ & < + ? > * | " : ; \ /. You can also set the following Discovery Options:
    • Apply job restrictions that allow you to abort the scan if it runs longer that a set number of minutes.
    • Toggle the option to enable or disable the use of a local scan service.

Disabling the local scan service prevents the discovery of IIS app pools, Scheduled Tasks, and domain user information.

    • Set a schedule, which can be Immediate, One Time, or Recurring.
  1. Click Finish to complete the Scan Wizard.

Run Scans from a List of Assets

If you want to run a scan but would prefer to select targets from a list of assets rather than type them, click Assets from the left menu.

Select targets from the Assets grid

From the Assets grid, select the assets you want to scan, and then click Scan Selected Assets.

 

Targets already selected

The Scan Wizard screen appears. Here you can select the type of scan to run. The difference is that when you click Next and go to the Select Scan Targets page, you will find the targets already selected. The next steps in the Scan Wizard are the same as those outlined above.

 

Use Smart Rules as Targets for Scans

Smart Rules Scan

You can also run a scan on Smart Rules. From the Smart Rules grid, select a rule, click the vertical ellipsis for the rule, and then select Scan. You are taken to the Scan Wizard, for which the targets are preselected, and if the Smart Rule is configured to use specific scanners, the scan agents are also preselected. The next steps in the Scan Wizard are the same as those outlined above.

 

Check Completed and Scheduled Scans

Link to checking completed scans

If you want to check information on scans click Menu from the left navigation bar. Under Discovery, click Active/Completed Scans or Scheduled Scans.

 

Scans page in BeyondInsight highlighting available options for scheduled scans.

From the Scans page you can see active, completed, and scheduled scans, and you can delete a scan. You can also see the scan status for each active or completed scan. For each active and completed scan you can click the vertical ellipsis for the scan, and then select Run Scan Now or Delete scan. For each scheduled scan you can click the vertical ellipsis for the scan, and then select View Scan Details, Run Scan Now, or Delete scan.

 

View Scan Details

When viewing the Scan Data, you can:

  • Change the name of the scan
  • Change the scanner associated with a scheduled scan job via Details & Attributes > Agent
  • Change the Detailed Discovery Options
  • View the scan targets and modify the target Smart Rule if one is selected
  • Change the scheduled scan time
  • Change the credentials
  • View the history of the scan, if any exists

View Discovery Options

 

Discover Assets Using a Smart Group

When the Smart Group filter is an address group, Active Directory query, or cloud connector, you can discover assets. When the Use to discover new box is checked, any assets online since the Smart Group was last processed are detected . The scan results on the Assets page reflect the number of assets found.

If you create an address group that includes the /19 CIDR block, the range possesses 8190 potential assets. The Discovery Scan always tries to discover those assets. Keep this in mind when you are reviewing scan results.

Key Steps

To create a Smart Group, go to Configuration > General > Smart Rules > Create Smart Rule.

  • Create an address group or Active Directory query that includes the IP address range or domain.

Smart Rule for Discovering Assets

  • Create a Smart Group that includes the address group or query as the filter. Enable the Use to discover new assets during scans option.
  • You can also configure the Smart Rule to use specific scanners by selecting the Set Scanner Properties action, and then selecting specific scan agents from the list.

 

We recommend you run a discovery scan at a regular interval. You can discover assets manually by entering a host name, IP address, or address range.

For more information, please see the following: