Asset Management

The asset in the system contains a lot of information:

  • Asset hardware and firmware information.
  • Asset connections, mini map indicating relationships with other assets, protocol pie chart.
  • Asset current open port/protocol.
  • Asset vulnerability. (unpatched/patched/potential)
  • Asset alert and connection alert.
  • Asset update history.

So this page describes how user can interact with asset in the system.

Create Asset

Usually, asset is created automatically by Neuralyzer during discovery phase. However, there is some assets Neuralyzer can’t discover (Ex: access switch). In this case, user can also create new asset manually by clicking on “Create asset” button at Assets or Map page.

User can add more NICs if the asset has multiple NIC cards.

Edit Asset

User can edit the asset properties even after Neuralyzer completely scans. The new properties that user edited will have higher priority and will not be overridden when Neuralyzer scanning the asset information again. At this time, “New properties detected**” will appear so that user can know Neuralyzer has detected the new asset information. User can choose which property should be overridden.

Clone Asset

This would be the same rule with creating asset.

Asset detail - Connection

You can see more detail about the asset by clicking on Detail button.

On connection tab, you can see all other assets that are connecting to the current asset on the mini map and the total connection by protocols. You can quickly open another asset by double-clicking on the node.

The connection list shows all connection that the asset has communicated.

You can sort or search any information related to the connection.

Asset detail - Open Port/Protocol

The open port/protocol tab indicates the current open port/protocol on the asset with some information:

  • Port: open/closed port.
  • Protocol: protocol is using.
  • Last seen open: the last time that port opens.
  • Last seen close: the last time that port closes.
  • Current state: current state of port.
  • Possible misconfigurations: when port open but no actual traffic or violate any open port policies.
  • Recheck: check possible misconfigurations.

Asset detail - Vulnerability

The open port/protocol tab indicates all CVEs that the asset is being/may be unpatched.

  • Unpatched: the CVEs that asset is not patched.
  • Patched: the CVEs that asset have resolved.
  • Potential: the CVEs that asset may not be patched.

You can see more information by click on the CVE.

  • CVSS version 3.x or 2.0
  • Last detected and resolved time.
  • CVSS Score.
  • CVE remediation document.
  • Vector.

Asset detail - Alert

Alert list page includes 2 tabs: Connection alerts list and Asset alerts list.

You can click on the link for more detail.

Asset detail - Update History

This tab indicates that what field of asset has been updated.

There are two factors that can change asset properties:

  • By system, Neuralyzer updates asset properties automatically during discovery/scanning.
  • By administrator, user is able to update the asset information so that Neuralyzer can learn and update the asset information for the next time scanning those assets.

Note: The asset changes make by administrator will have higher priority than the system.

Asset learning mode

Action on asset learning mode:

  • Extend: extend learning hours of specific asset.
  • Complete: complete learning phase of asset immediately.
  • User is able to force complete learning for all assets by turning on Anomaly Detection.

The asset will be put in learning mode in case:

  • Before turning on Anomaly Detection, at the first time starting Neuralyzer, all assets will be put in learning mode.
  • After turning on Anomaly Detection, a new asset that connect to the system will be put in learning mode.
  • Or user want to extend learning time.

Note: The asset and its connections will not be alerted during learning mode.

Field Asset

Neuralyzer haven’t supported scanning field asset yet. So user need to create field assets manually.

User is able to link field assets.

to one or more controller by clicking “Link to Controller” button then click on “+” button and choose the controller that scanned by Neuralyzer.
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Asset Alert
On This Page
Asset ManagementCreate AssetEdit AssetClone AssetAsset detail - ConnectionAsset detail - Open Port/ProtocolAsset detail - VulnerabilityAsset detail - AlertAsset detail - Update HistoryAsset learning modeField Asset