Run Discovery Scans
Run a discovery scan to locate network assets, such as workstations, routers, laptops, and printers. A discovery scan also determines if an IP address is active. You can periodically repeat discovery scans to verify the status of devices, programs, and the delta between the current and previous scans.
Discovered assets do not count toward your license.
- The default TCP discovery ports are 21, 22, 23, 25, 80, 110, 139, 443, 445, 554, 1433, and 3389.
- Use more than one scanner to distribute the coverage across the network.
Use the Scan Wizard to Create a Discovery Scan
To run the Scan Wizard, click Schedule a discovery scan on the homepage or left menu, and then follow the steps outlined below.
- Select Scan Type: There are three types of scans to chose from. Select one and then click Next.
- Discovery Scan: This is an uncredentialed scan that returns discovered assets. This type of scan does not collect any details on any of the assets, nor does it deploy any agent to the targets.
- Detailed Discovery Scan: This scan requires credentials and it deploys a scan agent to the scan targets. Besides systems, this scan provides associated information on services, scheduled tasks, users, and databases.
- Advanced Discovery Scan: This scan performs all the operations of the previous scan, but provides information on all associated attributes.
- Select Scan Targets: Enter scan targets in the field provided. You can enter single IP addresses, IP ranges, addresses in CIDR notation, or named hosts. Items must be separated by commas. If you wish to target existing assets or Smart Rules, this can be done from each of those product areas by using the grid actions to trigger a scan for a selected target.
- Enter Credentials: If the type of test you select requires credentials, you can select an existing credential from the Credential List, and/or use the Custom Credential fields to enter a new credential to use for this scan. If you enter a new credential, click Test Credential to verify its functionality. If using the Credential List, you have several options:
- Use the same key for all credentials: If selected, enter a Universal Configuration Key, which is used for all the credentials used in this scan.
Configuration keys are not used or validated for Password Safe credentials.
- Choose Existing Credentials: You can use the search field to search for a specific credential, or select from a list of available credentials. You can select one or more. If necessary, enter the key and click Validate. Click Next to continue.
- Choose Scan Agent: Select which agents will be used to execute the scan. If more than one agent is selected, the scan targets are split between the selected agents. If you have a large number of agents, you can use the filter dropdown menu. Click Next to continue.
Click Dismiss to hide the warning banner until your next login. Dismissing the warning banner here does not hide it on the dashboard, and dismissing the warning banner on the dashboard does not hide it on this screen.
- Name the Scan: Provide a unique name for this scan. The scan name cannot be longer than 58 characters and cannot contain any of the following characters:
[ ' $ < + ? > * | " : ; \ /
You can also apply Job Restrictions that allow you to abort the scan if it runs longer that a set number of minutes, and set a Schedule, which can be Immediate, One Time, or Recurring. Click Finished to run the report.
On the Scans grid page you can see Active or Completed scans, delete a scan, and see a list of Scheduled Scans, if available. For each of the scheduled scans you can click on the vertical ellipsis icon at the end of the row to View Scan Details, or to Delete a scan. In Scan Details you can modify the target Smart Rule, the name of a scan, the scheduled scan time, change the credentials, and see the scan History, if that scan was run in the past.
Run Scans from a List of Assets
If you want to run a scan but would prefer to select targets from a list of assets rather than type them, click the Assets tile.
From the Assets grid, select the assets you want to scan, and then click Scan....
The scan wizard screen appears. Here you can select the type of scan to run. The difference is that when you click Next and go to the Select Scan Targets page, you will find the targets already selected. The next steps in the Scan Wizard are the same as those outlined above.
Use Smart Rules as Targets for Scans
You can also run a scan on Smart Rules. From the Smart Rules grid, select a rule, use the dropdown menu on the right side of the column, and then select Scan. You are taken to the Scan Wizard, on which the targets are preselected. The next steps in the Scan Wizard are the same as those outlined above.
Check Completed Scans
If you want to check information on scans, click the Menu icon on the left navigation bar. Under Scans you can see links to Active/Completed Scans and to Scheduled Scans. Alternatively, you can access the list of scans by clicking the briefcase icon on the main page.
Discover Assets Using a Smart Group
When the Smart Group filter is an address group, Active Directory query, or cloud connector, you can discover assets. When the Use to discover new box is checked, any assets online since the smart group was last processed are detected . The scan results on the Assets page reflect the number of assets found.
If you create an address group that includes the /19 CIDR block, the range possesses 8190 potential assets. The discovery scan always tries to discover those assets. Keep this in mind when you are reviewing scan results.
To create a smart group, go to Configuration > General > Smart Rules > Create Smart Rule.
- Create an address group or Active Directory query that includes the IP address range or domain.
- Create a smart group that includes the address group or query as the filter. Enable the Use to discover new assets during scans option.
We recommend you run a discovery scan at a regular interval. You can discover assets manually by entering a host name, IP address, or address range.