CloudSphere CAM discovers devices that exist in your IT universe by executing Scan Jobs. The Scan jobs scan endpoints within a specified network boundary (Subnets, IP Ranges, IPs), which is defined using Scan Scope(s).
While configuring a Scan Job we first need to identify and define Scan Scope(s), and eventually add them to it.
A Scan Scope provides a list of target IP addresses or hostnames that we want to be scanned while we execute a Scan Job. It also contains information about the Scope Type (target environment - Private Network, Amazon EC2, Azure, Google Cloud Platform).
It can be defined using the following:
- List - specified as a list of IP addresses or hostnames
- IP Range - specified by a start and end IP address
- IP Subnet - specified by a network address and subnet mask
Reference: Scanning Best Practices
Creating a new Scan Scope
- Click the Scopes menu
- On the All Scope Page, Click the "+" button
- In the “Create a new scope” dialog,
- Enter the scope name
- Give it a description
- Select the scope type (Explained Below)
- Click Continue
Scope Type: Depending on if you are trying to scan an on-prem environment or a public cloud environment, there is a different approach to setting the scan scope. What would you like to do?
- Private Network
- Amazon EC2
- Google Cloud Platform
Note: Optionally, you can also create a new scan scope while creating a new scan job.
Adding targets to a scope
Once the scope is created with the scope type, you can start adding the targets to a scope. You can add a specific list, a range, or a subnet as a target.
You can add one or more lists and/or ranges of IPs to one scope.
- IP List
- IP Range
- IP Subnet
An exclusion is a scope (Target IPs) that you want to exclude or avoid scanning. By using this step, you can add a list of target IPs that you would like to avoid scanning. You can either choose an existing exclusion from the list which you have already created or create a new exclusion similar to creating a new scope. Exclusions are particularly useful when you are scanning a subnet of IPs or when the scan type is Application or Neighborhood.