Purpose

The purpose of this document is to explain the different combination of setups that performs scanning over the network.


Roles

  • The Scheduler distributes scan jobs to one or more scanners, and is responsible for keeping all the reports and maintaining targets and scheduling scans.
  • The Scanner is a passive terminal which receives or requests jobs from the scheduler, performs scans, and returns the data to the scheduler.  

Distributed Setup

In a distributed setup, a HIAB is referred to as either a scanner or a scheduler.  The communication may be initiated either from a Scheduler or a Scanner.

Note

The distribution setup depends on type of the license.  

The different setups are described below:

  • HIAB Single
    If a local scanner is used, then scans are performed on the same appliance (scheduler).

    HIAB Single

  • HIAB Scheduler, HIAB Scanner
    HIAB scheduler uses one or multiple scanners to reach different network areas or, to scale the solution allowing more scans to be executed simultaneously.

    HIAB Scheduler, HIAB Scanner

  • HIAB External: HIAB Scheduler, OUTSCAN Scanner

    In this setup, OUTSCAN is used as scanner by approving it in distribution settings of HIAB scheduler.

    All targets and scan scheduling are maintained on HIAB while scanning is done on OUTSCAN. This allows to perform external scanning against your outside perimeter, without using an additional HIAB appliance. All data is securely stored on the HIAB appliance and removed from the OUTSCAN environment.



  • OUTSCAN Internal (OUTSCAN RC): OUTSCAN Scheduler, HIAB Scanner(s) 
    In this setup, OUTSCAN Internal is added as the scheduler and HIABs are added as scanners.  



    Note

    The combination of all setups performs scanning over the network with commonly used protocols to gain access of target assets. Therefore, this solution makes it unnecessary for you to install and manage software agents on your targets which lower your Total Cost of Ownership(TCO) and at the same time avoid security and stability issues which can occur with installed agents.

Scheduler - Scanner Communication

This set up has two modes, pushing and polling. Choose the relevant mode, according to the traffic flow within your internal network(s).  

Caution

  • Firewall rules must be set such that scheduler and scanner can communicate using HTTPS ports.  
  • It is recommended to have the HIABs up to date at all time. Refer to HIAB Maintenance Settings, for more information.

Important

Modes cannot be modified on OUTSCAN scanner or scheduler. 

Pushing Mode

In this communication mode between scheduler and scanner, scheduler takes command to send the scans and other necessary updates to scanner when needed. 

If set, scheduler sends job as request to the scanner, and the scanner receives HTTPS requests and returns data as response to the same request. 

Note

It must be enabled on the scheduler.


Polling Mode

In this communication mode between scheduler and scanner, the scanner initiates HTTPS connection towards scheduler and requests for syncing scans and updates. Scheduler serves the required data if available for the specific scanner.

Note

It must be enabled on the scanner.

Switching Modes 

Before switching the mode, disable the active modes on both sides and then enable where it is required. 

Example Scenario: Pushing is enabled on scheduler and polling is disabled on scanner. If you want to make the scanner to initiate requests, then disable pushing on scheduler side and enable polling on scanner side.





Copyright

© 2021 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.