Hi,
can someone explain to me, why i have to add IP adresses in the "Windows Record" setting, for authenticated scanning?
Is it possible to do trusted scans without IP adresses in the "Windows Record" settings, because i add IP adresses in the settings for "Launch Vulnerability Scan"?
I cant understand the differences between the IP adresses in Windows Record and the adresses in "Launch Vulnerability Scan".
I hope someone can help me =)
I don't think you need IP addresses for Windows record in order to do authenticated scanning; this is only required for linux records
Hi Pierre,
If your Windows hosts are members of an Active Directory or NETBIOS domain you can use those authentication record types which do not require IP addresses to be assigned - we can determine the NETBIOS or AD domain and use the appropriate record.
If your hosts are not domain joined you will need to assign IP addresses to the record. The reason for this is that you may have multiple Windows records for different parts of your network with different credentials. In this case you will need to specify which assets the record applies to, which is why you need to assign IP addresses to the record.
I hope this helps to clarify
On this topic, I have noticed for hosts running the Cloud Agent licensed with VM, you can perform network scans on them with full authentication without requiring an IP license. Because they're in AD and the AD authentication record exists, this works flawlessly. Where I continue to struggle is when you have DMZ type hosts, that are NOT in AD, running the Cloud Agent. If you want to scan those with the network scanner, it will not authenticate. If you create a non-AD Windows Authentication record, it, as expected, requires you to add an IP address to the record. The problem is, if the IP isn't in your license, you can't add it to the auth record. So far, the only way we have figured out how to scan it is to re-add the IP host to VM, in order to be able to add the IP address to the Authentication record with the local account. At that point, it works fine, but you're now using 2 licenses; a Cloud Agent VM license, and a VM IP licenses, just to scan the same host. Are there plans to allow for the adding of IP addresses to local account auth records, as long as the IP is associated with a Cloud Agent VM host, so we don't have to waste a license for every non-AD host?
Thanks,
Brad
Hi Pierre,
If your Windows hosts are members of an Active Directory or NETBIOS domain you can use those authentication record types which do not require IP addresses to be assigned - we can determine the NETBIOS or AD domain and use the appropriate record.
If your hosts are not domain joined you will need to assign IP addresses to the record. The reason for this is that you may have multiple Windows records for different parts of your network with different credentials. In this case you will need to specify which assets the record applies to, which is why you need to assign IP addresses to the record.
I hope this helps to clarify