Page tree

This topic only applies to Armor Anywhere users.

To fully use this screen, you must add the following permission to your account:

  • View Vulnerability Scans

Overview

Use the Vulnerability Scanning screen to view scan reports. One report will contain the information for all your various virtual machines or servers. Scan reports will list your various virtual machines or servers based on the Armor-assigned instance ID.

These reports begin the scan process every Sunday at approximately 10:00 PM, local server time. The actual length of the scan varies, based on your environment.


View a report

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Security
  2. Click Vulnerability Scanning
  3. Locate and select the desired scan. 

Troubleshooting Vulnerability Scanning screen

If you do not see any data in the Vulnerability Scanning screen, consider that:

  • The scanning is not complete. 
    • The scan takes place every Sunday at approximately 10:00 PM, local server time.

  • Your firewall rules have not been updated to support this feature. 

    • Inbound / OutboundService / PurposePortDestination
      Outbound

      Vulnerability Scanning

      *443/tcp
      • endpoint.ingress.rapid7.com
        • (United States)
      • ca.endpoint.ingress.rapid7.com
        • (Canada)
      • eu.endpoint.ingress.rapid7.com
        • (Europe)
      • ap.endpoint.ingress.rapid7.com
        • (Japan)
      • au.endpoint.ingress.rapid7.com
        • (Australia)
      Outbound

      Vulnerability Scanning

      *443/tcp
      • s3.amazonaws.com
        • (United States)
      • s3.ca-central-1.amazonaws.com
        • (Canada)
      • s3.eu-central-1.amazonaws.com
        • (Europe)
      • s3.ap-northeast-1.amazonaws.com
        • (Japan)
      • s3-ap-southeast-2.amazonaws.com
        • (Australia)

      * The agent will perform a lookup to the applicable DNS entry, which may resolve to one of multiple Amazon Web Services based subnets. As a result, if your firewall does not support outbound filtering by domain name, then you may need to open all outbound traffic to 443/tcp to accommodate this service.

  • You do not have permission to view this screen. 
    • You must have the View Vulnerability Scans permission enabled. Contact your account administrator to enable this permission. To learn how to update your permissions, see Roles and Permissions (Armor Complete).


If a virtual machine is incorrectly labeled as offline in a report, then contact Armor Support to run the Armor Toolbox. 


Review API calls





In this topic



Have a suggestion for the Armor Knowledge Base? Send a message to kb@armor.com.