Scan for open ports
Does not apply to Deep Security as a Service
The Deep Security Manager can be instructed to scan a computer for open ports by right-clicking the computer and selecting Actions > Scan for Open ports, or by clicking the Scan for Open Ports button in the Firewall page of the Computer editorTo open the Computer editor, go to the Computers page and double-click the computer that you want to edit (or select the computer and click Details). window (where the results of the latest scan are displayed).
(Port scans can also be initiated by right-clicking an existing computer on the Manager's Computers page and choosing "Scan for Open Ports". Another way to initiate port scans is to create a Scheduled Task to regularly carry out port scans on a list of computers.)
By default, the range of ports that are scanned is the range known as the "Common Ports", 1-1024, but you can define a different set of ports to scan.
- Go to Policies > Common Objects > Lists > Port Lists and click New in the menu bar. The New Port List window will appear.
- Type a name and description for the new port list and then define the ports in the Port(s) text box using the accepted formats. (For example, to scan ports 100, 105, and 110 through 120, you would type "100" on the first line "105" on the second, and "110-120" on the third.) Click OK.
- Go to Computer or Policy editorYou can change these settings for a policy or for a specific computer. To change the settings for a policy, go to the Polices page and double-click the policy that you want to edit (or select the policy and click Details). To change the settings for a computer, go to the Computers page and double-click the computer that you want to edit (or select the computer and click Details). > Settings > General and click the "Ports to Scan" menu. Your newly defined Port List will be one of the choices.