Page tree




In This Document 


Was this document useful? 
Your Rating:
Results:
1 Star2 Star3 Star4 Star5 Star
2 rates


Have a suggestion for the Armor Knowledge Base? Send a message to kb@armor.com.



This topic only applies to Armor Anywhere users.

To fully use this screen, you must add the following permission to your account:

  • View Vulnerability Scans

Overview

You can use the Vulnerability Scanning screen to view scan reports. One report will reflect all of your virtual machines or servers; in these reports, your virtual machines are displayed using their Armor-assigned instance ID.

Scans take place continuously; however, the process to compile a week's worth of data into a single report begins every Sunday at approximately 10:00 PM, Central Standard Time. When a report is complete, it will be available in the Vulnerability Scanning screen. Based on your data center's location and your environment, your report's availability in AMP may vary.  


View a report

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Security
  2. Click Vulnerability Scanning
  3. Locate and select the desired scan. 

Troubleshooting Vulnerability Scanning screen

If you do not see any data in the Vulnerability Scanning screen, consider that:

  • The scanning is not complete. 
    • The scan takes place every Sunday at approximately 10:00 PM, local server time.

  • Your firewall rules have not been updated to support this feature. 

    • Inbound / OutboundService / PurposePortDestination
      Outbound

      Vulnerability Scanning

      *443/tcp
      • 34.226.68.35
      • 54.144.111.231
      • 52.203.25.223
      • 34.236.161.191
        • endpoint.ingress.rapid7.com
        • (United States)

      • 52.60.40.157
      • 52.60.107.153
        • ca.endpoint.ingress.rapid7.com
        • (Canada)

      • 3.120.196.152
      • 3.120.221.108
        • eu.endpoint.ingress.rapid7.com
        • (Europe)

      • 52.64.24.140
      • 13.55.81.47
      • 13.236.168.124
        • au.endpoint.ingress.rapid7.com
        • (Australia)
      • 103.4.8.209
      • 18.182.167.99
        • ap.endpoint.ingress.rapid7.com
        • (Japan/Asia/Asia Pacific)
      Outbound

      Vulnerability Scanning

      *443/tcp
      • s3.amazonaws.com
        • (United States)
      • s3.ca-central-1.amazonaws.com
        • (Canada)
      • s3.eu-central-1.amazonaws.com
        • (Europe)
      • s3.ap-northeast-1.amazonaws.com
        • (Asia / Asia Pacific)
      • s3-ap-southeast-2.amazonaws.com
        • (Australia)

      * The agent will perform a lookup to the applicable DNS entry, which may resolve to one of multiple Amazon Web Services based subnets. As a result, if your firewall does not support outbound filtering by domain name, then you may need to open all outbound traffic to 443/tcp to accommodate this service.

  • You do not have permission to view this screen. 
    • You must have the View Vulnerability Scans permission enabled. Contact your account administrator to enable this permission. To learn how to update your permissions, see Roles and Permissions.


If a virtual machine is incorrectly labeled as offline in a report, then contact Armor Support to run the Armor Toolbox. 


Review API calls