Discover all the assets in your network. In minutes.
At AlienVault, we believe that the security analyst has enough to worry about, and enough work to do. And the first step is worrying about what’s connected to the network.
That’s why we built the Unified Security Management™ platform. To make it easier to manage security and compliance with built-in asset discovery, vulnerability assessment, threat detection, behavioral monitoring and security intelligence. Within minutes of installing one of our USM products, you’ll discover all of the IP-enabled devices on your network, what software is installed on them, how they’re configured, any potential vulnerabilities and active threats being executed against them.
Correlate asset info with threat and vulnerability data
Uncertainty is the biggest enemy of the security professional. Not knowing what’s on your network at any given time. Not being certain of how your devices are configured. Not knowing where to look.
Automated asset discovery can start you on the path to certainty. AlienVault’s Unified Security Management™ platform (USM) combines three core discovery and inventory technologies to give the security analyst full visibility into the devices that show up on their network.
Passive Network Monitoring—highlights hosts on the network and their installed software packages. Information collected includes:
- IP and hardware MAC address pairings. This is used for inventory and to detect MAC spoofing
- IP header analysis to identify operating systems and running software packages
- TCP/IP traffic analysis for OS fingerprinting and basic network topography
- Active Network Scanning—gently probes the network to coax responses from devices. These responses provide clues that help identify the device, the OS, running services, and the software installed on it. It can often identify the software vendor and version without having to send any credentials to the host.
- Host-based software inventory—installation of a lightweight, host-based agent provides an additional, more granular level of visibility. By enumerating all the software installed on the machine, the agent greatly extends, deepens, and enhances your understanding of the devices on your network, resulting in a much more dynamic and accurate inventory.
Asset discovery the way you want it
All of these asset discovery tools are fully enabled and built into the AlienVault USM platform. Rather than using a separate product or management console for asset discovery and inventory, all administration is done via a single console – the same one you use for scheduling vulnerability scans, responding to alerts or running compliance reports. Additionally, it’s up to you how you’d like to use these tools across your environment.
For example, you may decide to reserve host-based software inventory for your high-criticality devices and throttle back active network scanning on sensitive areas of your network. Additionally, AlienVault’s open architecture offers the flexibility to integrate with your existing asset discovery and inventory tools as well.