Troubleshooting Network Perimeter Scan Failures
Overview
Network Perimeter Scanning in DeepTraQ helps security teams analyze externally exposed infrastructure and identify risks visible from the internet. This scan evaluates public-facing IP addresses to detect open services, misconfigurations, and vulnerabilities that attackers could exploit.
A scan is executed by submitting jobs to underlying security scanners. The platform tracks the execution status and provides detailed logs when scans fail or partially complete.
A successfully executed scan is indicated by a green icon with the status Done.
If a scan cannot be submitted to the scanners, a Submit Error is displayed. This means the scan job was not successfully added to the security scanners.
A red cross icon indicates a Failed scan. This typically happens when the security scanners fail to execute checks due to configuration issues, connectivity problems, or scanner errors.
The History tab and error logs help diagnose these issues and understand the cause of the failure.
Network perimeter scanning also provides visibility into how attackers view your external infrastructure and helps identify exposures that could lead to unauthorized access.
Supported Platforms
Network Perimeter Scanning
Network perimeter scanning analyzes internet-facing infrastructure to identify exposed services and potential security risks.
Supported Targets
- Public IP addresses
Supported Protocols
- TCP
This scan focuses on identifying externally exposed network services that could be exploited by attackers.
Prerequisites
- Target added to the platform
- Scope defined for the scan
Limitations
| Limitation | Description |
|---|---|
| Public IP scanning only | Only publicly reachable IP addresses can be scanned. Private internal networks are not supported. |
| TCP protocol only | Network perimeter scans currently support only TCP-based services. |
| Multiple IPs allowed | Multiple IP addresses can be included in a single scan. |
| Scan duration limit | Maximum scan duration is limited to 2 hours. |
Understanding Scan Status
Scan execution status helps identify whether a scan completed successfully or requires troubleshooting.
| Status | Description |
|---|---|
| Done | The scan completed successfully and results are available. |
| Submit Error | The scan job was not successfully submitted to the security scanners. |
| Failed | The security scanners failed while running the checks. |
A failed scan may occur due to:
- Scanner execution errors
- Target connectivity issues
- Misconfigured scan settings
- Temporary scanner availability problems
Viewing Scan History and Errors
If a scan fails, you can review the error details using the History tab.
Steps
- Navigate to Scans.
- Locate the scan showing a Failed status.
- If the History tab is not visible, click the three-dot menu.
- Select History.
- Find the failed job entry.
- Click the three-dot menu next to the job.
- Select Error to view error details.
- Click the expand arrow to view the full error logs.
Error logs contain detailed messages generated by the security scanners and help identify the root cause of the failure.
Investigating Perimeter Risks
Network perimeter scans help organizations understand their external attack surface.
These scans reveal:
- Open ports on public IP addresses
- Exposed services accessible from the internet
- Misconfigured external infrastructure
Understanding these exposures helps reduce the risk of attackers exploiting publicly accessible services.
Debugging Failed Jobs
When a scan fails, reviewing the error logs helps identify the issue.
Common troubleshooting actions include:
- Verifying the target IP address is reachable
- Checking scan configuration settings
- Reviewing detailed error logs from the scanners
- Confirming scanners are available and running
Expanding the log entries provides additional details that help diagnose the problem.