NeXpose Understanding Sites and Assets Groups

Document created by techeditor on Apr 8, 2011
Version 1Show Document
  • View in full screen mode

DEFINITION: A site is a physical group of assets assembled for a scan by a specific, dedicated scan engine. The grouping principle may be something meaningful to you, such as a common geographic location or a range of IP addresses. Or, you may organize a site for a specific type of scan.


The console interface enables you to plan scans effectively by organizing your network assets into sites and asset groups.


When you create a site, you identify the assets to be scanned, and then define scan parameters, such as scheduling and frequency. You assign a scan engine to that site, whether it's a dedicated appliance, NeXpose software installed on a local host, or a scan engine that is run remotely by Rapid7. You can only assign one scan engine to a given site. However, you can assign many sites to one scan engine.


NOTE: If you are using RFC1918 addressing (192.168.x.x or 10.0.x.x addresses) different assets may have the same IP address. You can use site organization to enable separate scan engines located in different parts of the network to access assets with the same IP address.


You also define the type of scan you wish to run for that site. Each site is associated with a specific scan. NeXpose supplies a variety of scan templates, which can expose different vulnerabilities at all network levels. Template examples include Penetration Test, Microsoft Hotfix, Denial of Service Test, and Full Audit. You also can create custom scan templates.


DEFINITION: An asset group is a logical collection of assets to which specified users have access in order to view data about these assets. These users are typically in charge of monitoring these assets and reporting or remediating any vulnerabilties that NeXpose discovers on them.


Another level of asset organization in NeXpose is an asset group. Like the site, this is a logical grouping of assets, but it is not defined for scanning. An asset group typically is assigned to a nonadministrative user, who views scan reports about that group in order to perform any necessary remediation. An asset must be included within a site before you can add it to an asset group.


Only designated NeXpose global administrators are authorized to create sites and asset groups. For more details about access permissions, see Understanding user roles and permissions in NeXpose.


Asset groups can include assets listed in multiple sites. They may include assets assigned to multiple NeXpose Scan Engines, whereas sites can only include assets assigned to the same scan engine. Therefore, if you wish to generate reports about assets scanned with multiple scan engines, use the asset group arrangement. You also can configure reports for combination of sites, asset groups, and assets. See Reporting.