Authenticated Network Scan

^{Last Updated: 2025-05-27}

Purpose

This article describes how to set up an Authenticated Network Scan via credential.

Introduction

The Authenticated Network Scan in Outpost24 leverages provided SSH credentials to identify and enumerate assets within cloud environments. By querying the system's API, it retrieves asset identifiers such as serial IDs, disk IDs, product IDs, and associated IP, hostname, or MAC addresses. This method enhances the accuracy of asset discovery by providing detailed information that may not be accessible through unauthenticated scans. Using authenticated scans is particularly beneficial for comprehensive vulnerability assessments, as they offer a deeper insight into the assets' configurations and potential security risks.

Setting up an Authenticated Network Scan

Prerequisites

The Authenticated Network Scan requires root equivalent credentials.
Prepare a root account or a non-root account with sudo permission. With a non-root account, you need to add sudo as a substitute user command.

For more information, see SSH Credentials.

Limitations

When using Portal for Network scan, users can select multiple credentials when creating the policy, including several of the same type.

However, if multiple credentials with the same type are selected, only the first created credential is used. Not only for SMB, but also for SSH and VMware vSphere credentials.

Create and Run a Network Discovery

To perform a network scan, you need a specific asset to run the scan on.

To set up the asset a Network discovery scan needs to be performed.

1. Go to Portal > Configuration > Scan configurations

2. Click the (green plus button)

3. Select Network discovery.
   
   
   

4. Fill in a suitable name for the configuration.

5. Fill in the targets IP-address or FQDN.

6. Select a scanner in the drop-down list.

7. Click the blue ADD to create the Scan configuration.

8. Select the configuration you just created, and click the Scan now icon in the bottom toolbar to start the scan. Wait until the scan finished.
   
   

Tag the Asset

Add a tag to the asset found in Create and Run a Network Discovery for the scan policy to be created later.

1. Go to Portal > Assets > Assets.

2. Right click at the newly discovered asset, select Edit tags.
   

   

   
   

3. Type in a new tag and click Submit.
   

   

   
   

For more information, see Tags.

Create a Policy with Credential

Next step is to create a Scan policy.

1. Go to Portal > Configuration > Scan policies.

2. Click  (green plus button) to Create new scan policy.

3. Enter the information for the policy:

   1. In the Settings tab, enter a name for the policy
      

      

      
      
      

   2. In the Portscan tab, toggle the SSH port to on.
      

      

   3. In the Credentials tab:

      1. Toggle the Use custom credentials to on.
         

      2. Check Perform login with the selected credentials

      3. Select SSH credential you created.
         

         

Create and Run a Network Scan

Now you can create a Scan configuration with the created policy and tags from the previous step, and then run it.

1. Go to Portal > Configuration > Scan configurations.

2. Click the green plus button.

3. Select Network host assessments.
   
   

4. Fill in a suitable name for the configuration.

5. Select scan policy you created in previous step.

6. Choose the asset tag you used in previous step.

7. Click the blue ADD to create the Scan configuration.

8. Select the configuration you just created, and click the Scan now icon in the bottom toolbar to start the scan. Wait until the scan finished.
   

Check the Result

Wait until the scan finished, check the result with created asset identifiers: serial machine/product/disk ids, hostname, IP, MAC