Users have the option to scan hosts by their DNS names, when the Scan by Hostname feature is enabled. Perimeter scanning using External scanners is supported. Contact your account manager or technical support if you would like to enable the Scan by Hostname feature for your subscription.
Get Started |
Make sure these configurations are set up: DNS Servers on your networkDNS Servers on your network Check the hostname to IP resolution performed by the DNS servers on your network to be sure the hostnames to be scanned resolve to IP addresses in your account. Also keep in mind that your DNS servers must be publicly accessible in order for our External scanners to be able to process scans. Host Assets in your accountHost Assets in your account Check the Host Assets in your account (Assets > Host Assets) to be sure the IP addresses (full IP ranges) that the hostnames will resolve to are in your account. If the external scanners cannot resolve a hostname to an IP address, vulnerability assessment of the host will not occur. And if any resolved IP address is not in your account no scan results will be reported. Note: If Asset Group Management Service (AGMS) is enabled for your subscription, you will see the Address Management tab instead of Host Assets. To understand the changes that happen when AGMS is enabled for your subscription, refer to Introducing AGMS. |
Step 1: Add Hostnames to Asset GroupsStep 1: Add Hostnames to Asset Groups Go to Assets > Asset Groups > New > Asset Group, and add the DNS names to the DNS section. Once added, you can think of these as Scan by Hostname asset groups. Which users have permission to do this?Which users have permission to do this? Only Manager users can add hostnames to asset groups. Can I also add IPs to the group?Can I also add IPs to the group? Yes. When the asset group is scanned, all DNS hostnames and IP addresses in the group will be scanned. Do not add NetBIOS hostnamesDo not add NetBIOS hostnames It's not currently possible to scan hosts by their NetBIOS hostname using External scanners so do not add NetBIOS hostnames to this group. |
Step 2: Scan the Asset GroupsStep 2: Scan the Asset Groups Now scan your new asset groups that have the DNS names. Make sure the Scanner Appliance option is set to External. When you start the scan, all DNS hostnames and IPs in the group will be scanned. When you scan a host by hostname, the scanner appliance resolves the hostname to an IP address in your account and reports the results by IP address. If a hostname cannot be resolved to an IP address in your account, then scan results are not returned for the host. |
Step 3: Run Reports on Resolved IPsStep 3: Run Reports on Resolved IPs Run reports on the IP addresses resolved from the scanned DNS names. To quickly identify the resolved IP addresses perform an asset search. Go to Assets > Asset Search. Enter the "All" group for your search target and then enter the DNS name that you're interested in. Click Search. The Asset Search Report appears with a list of IP addresses that match the hostname provided. |
Scanning and Reporting by DNS name
Scan by Hostname (Internal Scans)
Tell me about the scan report template setting "Resolve DNS association"