Table of ContentsPreviousNextIndex

Configuring the attached devices scanning options

Screenshot 76 - The Devices configuration page: Network Devices tab options

Use the Devices tab to enable the scanning and reporting of network and USB devices installed on your target computers.

Screenshot 77 - Dangerous network devices are listed as High Security Vulnerabilities

Together with device enumeration, you can further configure GFI LANguard N.S.S. to generate high security vulnerability alerts whenever particular USB and network hardware is detected. This is achieved by compiling a list of unauthorized/blacklisted network and USB devices which you wish to be alerted of.

You can also configure GFI LANguard N.S.S. to exclude particular devices from the scan results which are considered as `safe' such as USB keyboards. This is achieved by compiling a list of safe/white-listed devices which you would like the scanning engine to ignore during a security audit.

Screenshot 78 - List of unauthorized/blacklisted network devices

Network and USB device scanning is configurable on a scan profile by scan profile basis. Therefore you can customize your device audits by creating multiple scanning profiles with different unauthorized or safe devices lists.

For example, you can create a generic device-scanning profile which checks and enumerates all USB and network devices found connected to your targets. In this case, you do not need to specify any device in the unauthorized and ignore lists of your scanning profile. Similarly you can create a separate scanning profile which enumerates only Bluetooth dongles and wireless NIC cards connected to your target computers.

Screenshot 79 - List of unauthorized/blacklisted network devices

However, in this case you must specify `Bluetooth' and `Wireless' or `Wifi' in the unauthorized network and USB lists of your scanning profile.

All the device scanning configuration options are accessible through the 2 sub-tabs contained in the devices configuration page. These are the Network Devices tab and the USB Devices tab.

Use the Network Devices sub-tab to configure the attached network devices scanning options and unauthorized/safe devices lists.

Use the USB Devices sub-tab to configure the attached USB devices scanning options and unauthorized/safe devices lists.

Scanning for attached network devices

Screenshot 80 - Device configuration page: Network Devices tab options
Enabling/disabling checks for installed network devices

To enable scans for attached network devices in a particular scanning profile:

1. Expand the Configuration } Scanning Profiles node and select the scanning profile that you wish to customize.

2. From the right pane, click on the Devices tab.

3. Select the check box next to the `Enable Scanning for installed Network Devices on the target computer(s)' option.

NOTE: Network device scanning is configurable on a scan profile by scan profile basis. If in a particular profile this option is not selected, no checks for installed network devices will be performed in the security audits carried out by this scanning profile.

Screenshot 81 - Devices configuration page: Unauthorized devices and Ignore devices lists
Compiling a list of unauthorized network devices

To compile a list of dangerous network devices:

1. Expand the Configuration } Scanning Profiles node and select the scanning profile that you wish to customize.

2. From the right pane, click on the Devices tab.

3. Click on the Network Devices sub-tab.

Screenshot 82 - List of unauthorized/blacklisted network devices

4. In the list under `Create a high security vulnerability for network devices whose name contains:' specify the names of the network devices that you wish to classify as high security vulnerabilities.

For example, if you enter the word "wireless" you will be notified through a high security vulnerability alert when a device whose name contains the word "wireless' is detected.

Compiling a list of safe network devices

To compile a list of safe network devices:

1. Expand the Configuration } Scanning Profiles node and select the scanning profile that you wish to customize.

2. From the right pane, click on the Devices tab.

3. Click on the Network Devices sub-tab.

4. In the list under `Ignore devices (Do not list/save to db) whose name contains:' specify the names of the safe network devices that you wish to exclude from the scan results.

NOTE: Include only one network device name per line.

Configuring advanced network device scanning options

Screenshot 83 - Advanced network devices configuration dialog

From the Devices tab, you can also specify the type of network devices that will be checked by this scanning profile and reported in the scan results. These include: `wired network devices', `wireless network devices', `software enumerated network devices' and `virtual network devices'.

To specify which network devices to enumerate in the scan results:

1. Expand the Configuration } Scanning Profiles node and select the scanning profile that you wish to customize.

2. From the right pane, click on the Devices tab.

3. Click on the Network Devices sub-tab.

4. Click on the Advanced button at the bottom of the page.

5. Set the required options to `Yes'.

6. Click on the OK button.

Scanning for USB devices

Screenshot 84 - Dangerous USB devices are listed as High Security Vulnerabilities
Enabling/disabling checks for attached USB devices

To enable scans for attached USB devices in a particular scanning profile:

1. Expand the Configuration } Scanning Profiles node and select the scanning profile that you wish to customize.

2. From the right pane, click on the Devices tab.

3. Select the check box next to the `Enable scanning for USB Devices installed on the target computer(s)' option.

NOTE: USB device scanning is configurable on a scan profile by scan profile basis. If in a particular profile this option is not selected, no checks for attached USB devices will be performed in the security audits carried out by this scanning profile.

Compiling a list of unauthorized USB devices

To compile a list of unauthorized/dangerous USB devices:

1. Expand the Configuration } Scanning Profiles node and select the scanning profile that you wish to customize.

2. From the right pane, click on the Devices tab.

3. Click on the USB Devices sub-tab.

4. In the list under `Create a high security vulnerability for USB devices whose name contains:' specify the names of the USB devices that you wish to classify as high security vulnerabilities.

Screenshot 85 - List of unauthorized/blacklisted USB devices

For example, if you enter the word "iPod" you will be notified through a high security vulnerability alert when a device whose name contains the word " iPod" is detected.

Compiling a list of safe USB devices

To compile a list of safe USB devices:

1. Expand the Configuration } Scanning Profiles node and select the scanning profile that you wish to customize.

2. From the right pane, click on the Devices tab.

3. Click on the USB Devices sub-tab.

4. In the list under `Ignore (Do not list/save to db) devices whose name contains:' specify the names of the safe USB devices (for example, USB mouse) that you wish to exclude from the scan results.

NOTE: Include only one USB device name per line.

Table of ContentsPreviousNextIndex