High level comparison of different Footprint Deployment Types and corresponding Features:
Agentless Features | Linux Agent | MacOS Agent | Windows Agent - Local | Windows Agent - AD Integrated | Super Agent | Internal Scanner | Cloud Scanner |
Network Level Scan [Public] | ✖ | ✖ | ✖ | ✖ | ✔ | ✔ | ✔ |
Network Level Scan [Private] | ✖ | ✖ | ✖ | ✖ | ✔ | ✔ | ✖ |
Open Ports | ✖ | ✖ | ✔ | ✔ | ✔ | ✔ | ✔ |
Attack Avenues | ✖ | ✖ | ✖ | ✖ | ✔ | ✔ | ✔ |
Basic Overview [Security Solution, OS, Services, Users] | ✖ | ✖ | ✔ | ✔ | ✔ | ✖ | ✖ |
SCAP/OVAL Scan | ✖ | ✖ | ✔ | ✖ | ✔ | ✖ | ✖ |
Agent Based Fingerprint [Network Edge] | ✖ | ✖ | ✔ | ✖ | ✔ | ✖ | ✖ |
Applications [Listening Ports] | ✖ | ✖ | ✔ | ✔ | ✔ | ✔ | ✔ |
Applications [All] | ✔ | ✔ | ✔ | ✔ | ✔ | ✖ | ✖ |
Associated CVEs | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
Note: At least one agent is always Locally installed on at least one host even if it is AD Integrated or Super Agent. So the Agent - Local would apply to that host and the AD Integrated and/or Super Agent features are applied to the other hosts scanned by the host with the local agent installed.
Note: Both AD Integrated and Super Agent are additional features and may work as complementary scan methods to Local Installed Agents.
AD Integrated - This local agent may run scans on other machines in it’s AD without replicating to those machines and without installing any additional software or services on those other machines.
Super Agent - This local agent also hosts an Internal Scanner [Network Level] and can scan other subnets that are L3 reachable.
Reference Architecture for Cloud Scanner and Internal Scanner:
Reference Architecture for Local Agent and AD Integrated Agent:
Comments
0 comments
Please sign in to leave a comment.