Device Collector

The beSECURE Device Collector scan setting provides the option to automatically extract the hosts and IP addresses of assets (servers, workstations, etc.) in use during a scan (negating the need to manually enter them in the scan range), based on your vendor integrations with beSECURE (for example, AWS, InfoBlox, DHCP, etc.). This setting is useful for security management as it automates the process, and dynamically responds to changes in your infrastructure and network.

Every 30 minutes, beSECURE makes a request to check if new hosts or IP addresses were added, removed, or changed since the last scan, and tracks those changes in the Last Log Entry box for each collector type.

Device Collector is very useful for security management as it automates the scanning process as well as dynamically responds to your changing infrastructure and network changes.

IT managers usually use management tools such as the tools beSECURE integrates with (Amazon, Azure, Tufin, Atera, etc.).

Using the beSECURE device collector allows to have the hosts assigned to the scan or detected by each of these vendors (i.e. to Azure servers, Amazon, Atera, etc) to be scanned without need to manually add the hosts (in the scan range) as beSECURE (after the connection is completed filling out a few fields) automatically pulls out the hosts from each vendor.

All changes are tracked in each vendor (the user integrates with) as beSECURE makes a request every 30 minutes to check if hosts were added, removed or changed.

To select a beSECURE Device Collector for a Scan

1. Select the DevOps mode from the top-left corner of the screen.

2. From the left navigation pane, select Scans > Scans List.

3. Select an existing scan from the list to view its details, or create a new scan.

4. Under the Settings tab, select the Device Collector (Optional) sub-tab.

5. Click the Collector Type box and select the desired type of collector for this scan, based on your vendor integrations. See Device Collector Types / List of integrations offered in Device Collector for details on each available type.

6. Populate any parameters pertaining to the collector type you selected.

7. Click Modify to save your changes.

Setting up a Device Collector integration

To set up a Device Collector integration, do the following:

1. Log in to beSECURE.

2. In the upper-left corner of the Home page, select DevOps.

3. Select Scans > Scans List.

4. From the Scan List page, select the desired scan.

5. From the Settings tab, select the Device Collector (Optional) tab.

6. In the Collector Type box, select the desired device collector. The corresponding parameters will vary depending on the device collector you chose.

Device Collector Types / List of integrations offered in Device Collector

In the Collector Types box, you will find all available integrations with several different device collectors. A short description for each is provided below:

Name	Description
Agent Scanning	Agent Scanning deploys an agent-based scanning option that collects vulnerabilities and issues found in Windows. Agent Scanning offers you to deploy (on Windows) agent-based scanning option - this allows collecting vulnerabilities and issues found in Windows.
AlgoSec AFA	AlgoSec is a provider of software for network security policy management, also known as firewall policy management. AlgoSec's products automate the management and enforcement of security policies across firewalls, routers, virtual private networks, and related security devices.
Asset Groups	Uses an Asset Group that you would have previously configured and scans the hosts/IP addresses that were added within a specific asset group. The “Asset Groups” option represents the possibility to use an Asset Group that you would have previously configured and scan the hosts/IP’s that you decided to add within a specific asset group.
Atera	Atera Networks provides IT integrators with the necessary tools to become full MSPs at a price that they can afford, while giving existing MSPs the ability to replace their expensive legacy software with a modern cloud product that costs significantly less.
Automox	Automox is a cloud-based patching platform that fully automates the patch remediation process across Windows, macOS, Linux, and third-party software - including Adobe, Firefox, Chrome, and Windows. The platform works across both clients and servers.
AutoTask Dato RRM	Dafo RMM is a fully-featured, secure, cloud-based platform which enables MSPs to remotely monitor, manage and support every endpoint under contract, reducing cost and increasing service delivery efficiency.
Amazon EC2 Instances	An Elastic Compute Cloud (EC2) instance is a web service where a Amazon Web Service (AWS) subscriber can request and provision a compute server in the AWS cloud. AWS provides multiple instance types for the respective business needs of the user.
Azure Compute Virtual Machine	Azure Virtual Machines (VM) is one of several types of on-demand, scalable computing resources that Azure offers. Typically, you choose a VM when you need more control over the computing environment than the other choices offer.
ConnectWise	ConnectWise is a self-hosted server application that permits the primary user to host the software on their own servers, PC, virtual machine (VM), or virtual private server (VPS). Once installed, the central web application can be made visible inside and outside of the local area network (LAN). ConnectWise Control has a proprietary protocol and exposes an open architecture structure that can be utilized by users to implement custom plug-ins, scripting, or various integrations.
Device42	Device42 is an agentless discovery system for Hybrid IT. Device42 can continuously discover, map, and optimize infrastructure and applications across data centers and cloud, providing accurate views of your IT ecosystem. Device42 intelligently groups discovered workloads by application affinities, dramatically reducing the effort required to create move groups, capturing all communications.
DNS AXFR (Zone Transfer)	DNS zone transfers using the AXFR protocol are the simplest mechanism to replicate DNS records across DNS servers. To avoid the need to edit information on multiple DNS servers, you can edit information on one server and use AXFR to copy information to other servers.
Efficient IP	EfficientIP is a network security and automation company, specializing in DNS- DHCP-IPAM (DDI). They promote business continuity by making your IP infrastructure foundation reliable, agile and secure.
eNMS	eNMS is a Free and Open Source Software designed for building workflow-based network automation solutions. It opens the power of network automation to companies whose business is their network. eNMS is designed to be highly customizable. While it provides by default a number of services leveraging libraries such as Ansible, Netmiko and Napalm, any python script can be automatically integrated to the web platform, and used as a component of a workflow.
ExtraHop	ExtraHop Networks is an enterprise cyber analytics company headquartered in Seattle, Washington. ExtraHop helps organizations understand and secure their environments by analyzing all network interactions in real-time and leveraging machine learning to identify threats, deliver critical applications, and secure investments in the hybrid cloud.
Genians NAC	Genians’ platform securely connects People to People, People to Things, and Things to Things, ensuring safety without sacrificing performance. Genians scans and controls user devices as they connect to the network, looking for data and behavior that could impact your business. Whether the threats are from insiders or external sources, real-time detection and prevention will enhance the integrity of both enterprise and personal data.
Google Cloud Compute (GCP)	Google Compute Engine is the Infrastructure as a Service component of Google Cloud Platform which is built on the global infrastructure that runs Google's search engine, Gmail, YouTube and other services. Google Compute Engine enables users to launch virtual machines on demand.
InfoBlox DHCP	Infoblox IPAM and DHCP is part of the industry's only integrated platform for DNS, DHCP, and IPAM (DDI) that offers automation of both IP addresses and switch ports.
InfoBlox DNS	Infoblox delivers essential technology to enable customers to manage, control and optimize DNS, DHCP, IPAM (DDI). Infoblox's technology helps businesses automate complex network control functions to reduce costs and increase security and uptime.
ISC BIND9 (Zone file)	BIND is an open source system free to download and use, offered under the Mozilla Public License. BIND can be used to run a caching DNS server or an authoritative name server, and provides features like load balancing, notify, dynamic update, split DNS, DNSSEC, IPv6, and more.
ISC DHCPD	DHCPD is a DHCP server program that operates as a daemon on a server to provide Dynamic Host Configuration Protocol service to a network. This implementation, also known as ISC DHCP, is one of the first and best known, but there are now a number of other DHCP server software implementations available.
Jamf	Jamf is a software company that is the developer of Jamf Pro, an application used by system administrators to configure and automate IT administration tasks for macOS, iOS, and tvOS devices. The product includes server and client software that runs on iOS, macOS, and tvOS.
Kaseya VSA	Kaseya has turbo-charged your IT management experience with support for PowerShell in Live Connect; enhanced ticketing integration with BMS.
LibreNMS	LibreNMS is an autodiscovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems including Cisco, Linux, Juniper, Foundry, and many more. LibreNMS is a community-based fork of the last GPL-licensed version of Observium.
NinjaRMM	NinjaRMM is a remote monitoring and management platform that combine sa lot of functionalities and it’s often used by MSPs and IT.
OpenVPN Status	OpenVPN is a virtual private network system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.
Palo Alto GlobalProtect (VPN)	GlobalProtect network security client for endpoints, from Palo Alto Networks , enables organizations to protect the mobile workforce by extending the Next-Generation Security Platform to all users, regardless of location.
Pulseway	Pulseway is a Remote Monitoring and Management (RMM) Software that immediately boosts the efficiency of IT teams and MSPs by giving them the tools to monitor & manage all their IT systems.
Riverbed Netprofiler	Riverbed NetProfiler Advanced Security Module transforms network data into security intelligence, providing essential visibility and forensics for broad threat detection, investigation, and mitigation. By capturing and storing all network flow and packet data across your enterprise, it delivers the crucial insights to detect and investigate advanced persistent threats that bypass typical preventative measures, as well as those that originate inside the network.
Rumble Discovery	Rumble Network Discovery provides fast and comprehensive network discovery without the need for credentials or tap port access. Rumble was built from scratch for modern networks and works where most discovery products give up, enumerating MAC addresses, hostnames, and services across remote networks, within hardened environments, without special configuration.
SNMP	Simple Network Management Protocol is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior.
SolarWinds Orion	The SolarWinds Orion Platform is a powerful, scalable infrastructure monitoring and management platform designed to simplify IT administration for on- premises, hybrid, and software as a service (SaaS) environments in a single pane of glass.
SolarWinds RMM	SolarWinds RMM is a remote monitoring and management software designed for IT professionals and MSPs (managed services providers). It is a network management solution, which provides IT service providers advanced tools to be able to maintain, secure, and improve their IT operations.
SysAID ITSM	SysAid is a leading provider of IT service management (ITSM) solutions that enable IT professionals to manage their IT infrastructures and IT services with greater ease and efficiency. Their aim is to simplify the daily challenges that IT professionals face with intuitive, innovative, and cost-effective solutions that combine uncompromising performance with ease-of-use.
Tufin Secure track (Monitored Device)	Tufin SecureTrack monitors the various components of your network and security infrastructure, and provides tracking, analysis, and reporting tools for the received policy revisions for any monitored device. You can manage SecureTrack from any PC that has HTTPS access to SecureTrack's web interface.
Ubiquiti SDN	The UniFi Software-Defined Networking (SDN) platform is an end-to-end system of network devices across different locations — all controlled from a single interface.
VMware Vsphere (v7 and +)	VMware vSphere (formerly VMware Infrastructure 4) is VMware's cloud computing virtualization platform.vSphere is a VMware cloud computing platform for virtualization. It includes an updated vCenter Configuration Manager, as well as vCenter Application Discovery Manager, and the ability of vMotion to move more than one virtual machine at a time from one host server to another.
Vicarius Topia	Vicarius Tpia is a cloud-based vulnerability assessment tool that works to predict and protect against OS and third-party app vulnerabilities.
Zabbix	Zabbix is an open-source monitoring software tool for diverse IT components, including networks, servers, virtual machines and cloud services. Zabbix provides monitoring metrics, among others network utilization, CPU load and disk space consumption.