Network Scanners Overview
Overview
Network Perimeter scanning in DeepTraQ provides multiple security scan profiles to help identify exposed services, misconfigurations, and vulnerabilities across internet-facing infrastructure.
These scanners allow organizations to analyze their external attack surface by discovering open ports, mapping exposed services, and detecting known vulnerabilities. Selecting the appropriate scan profile helps tailor the assessment based on the level of depth required.
When creating a new scan, users can provide a scan name and description to clearly identify its purpose. Tags can also be added to organize scans and make them easier to search and manage.
After defining scan details, the target host IP addresses must be specified to begin the network perimeter assessment.
Supported Targets
Network perimeter scanners operate on externally accessible infrastructure.
Supported Targets
- Public IP addresses
These scans help security teams analyze internet-facing assets and identify potential exposures.
Available Security Scan Profiles
DeepTraQ provides several network perimeter scan profiles designed for different assessment goals.
Port Scan and Discovery
This scan identifies open ports and exposed services on the target systems.
It is typically used for:
- Discovering open ports
- Identifying running services
- Mapping externally exposed services
This scan provides a quick overview of network exposure and helps identify services that may require further investigation.
Advanced Network Scan
The Advanced Network Scan performs deeper network discovery to map exposed services and devices.
This scan helps:
- Identify active devices
- Detect exposed network services
- Map the structure of externally reachable assets
It provides broader visibility into the external network footprint.
Complete Vulnerability Assessment
This scan detects known vulnerabilities on devices where security agents are installed.
The scan focuses on:
- Identifying known CVEs
- Detecting vulnerable services
- Highlighting security weaknesses on monitored systems
This profile provides a more detailed vulnerability assessment for managed devices.
Rapid Web Threat, Misconfiguration, and CVE Scanner
This scanner identifies vulnerabilities across web applications, networks, and infrastructure.
It focuses on detecting:
- Web application vulnerabilities
- Security misconfigurations
- Known CVE-based vulnerabilities
This scan helps identify risks across multiple layers of externally accessible systems.
Prerequisites
- Target hosts added
- Public IP addresses identified
- Scope defined for the scan
Limitations
| Limitation | Description |
|---|---|
| Public IP scanning only | Network perimeter scans support only publicly reachable IP addresses. |
| TCP protocol only | Network scans currently analyze TCP-based services. |
| Multiple IPs supported | Multiple IP addresses can be included in the same scan. |
| Scan duration limit | Maximum scan duration is limited to 2 hours. |
Steps to Configure a Network Perimeter Scan
- Navigate to Network Perimeter.
- Click Create Scan to start a new network perimeter scan.
- Enter a Scan Name.
- Provide a short description explaining the purpose of the scan.
- Optionally add tags to organize the scan.
- Click Next.
- Provide the target host IP addresses to be assessed.
- Select the desired security scan profile.
- Click Next.
- Configure the scan frequency if scheduling is required.
- Click Start Scan to begin the assessment.
Field Reference
| Field | Description | Example |
|---|---|---|
| Scan Name | Unique name used to identify the scan. | External Perimeter Scan |
| Description | Short description explaining the purpose of the scan. | Weekly perimeter vulnerability assessment |
| Tags | Optional labels used to organize scans. | Production, External |
| Target Hosts | Public IP addresses to be scanned. | 203.0.113.10 |
| Scan Profile | Security scan type selected for the assessment. | Port Scan and Discovery |
| Scan Frequency | Defines whether the scan runs once or on a schedule. | Weekly |