Agentless connection information for industrial devices
Flows matrix
This matrix summarizes the network flows that may be required to monitor an industrial device in agentless mode.
Source | Destination | Protocol | Port | Description |
---|---|---|---|---|
Cyberwatch scanner | Monitored asset Siemens | TCP | 102 | TCP communication on port 102 |
Cyberwatch scanner | Monitored asset Schneider Electric (Modicon) | TCP | 502 | TCP communication on port 502 |
Cyberwatch scanner | Monitored asset Rockwell Automation | TCP / UDP | 44818 | TCP and UDP communication on port 44818 |
Required configuration for Cyberwatch
In order to add industrial devices to your agentless connection, you will need to add the right connector:
- Go to Administration > Connectors management
- In the Agentless connections types section, check the Industrial device box
The list of supported operating systems for agentless connection of industrial devices is available here
How agentless connections work for industrial equipment
We query the target ports of industrial equipment using protocols suited to the requirements of this sector. These protocols, implemented by the manufacturer on the devices for supervisory purposes, allow lightweight and reliable querying. We use them to identify the characteristics of the equipment, then process and analyze this information to identify potential CVEs on your equipment.
You can add a new agentless asset from the agentless connection creation form. However, we recommend using industrial scan discoveries. By using discovery, we can be sure that the asset will be accessible at the destination port. This guarantees good scan connectivity later on.
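To confirm from the scanner host that the flows in the matrix are actually open before creating assets by hand, a small pre-check can help. The following is an added example, not part of Cyberwatch; the function names and the sample inventory (documentation addresses) are assumptions. It separates a port that refuses the connection from one that never answers, which usually indicates a firewall drop or an unreachable host.

```python
import socket

# TCP flows from the matrix above: vendor -> port the scanner must reach.
# Rockwell Automation also needs UDP 44818, which a TCP connect cannot confirm.
FLOWS = {"siemens": 102, "schneider": 502, "rockwell": 44818}


def probe_tcp(host, port, timeout=2.0):
    """Return 'open', 'refused' or 'filtered' for one TCP flow."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        # The host answered with a reset: the path is open, but nothing
        # listens on that port (service disabled or wrong vendor).
        return "refused"
    except OSError:
        # Timeout or unreachable: firewall drop, routing issue or host down.
        return "filtered"


def check_inventory(inventory, flows=FLOWS, timeout=2.0):
    """inventory: iterable of (host, vendor) pairs.

    Returns a list of (host, vendor, port, state) tuples.
    """
    results = []
    for host, vendor in inventory:
        port = flows[vendor.lower()]
        results.append((host, vendor, port, probe_tcp(host, port, timeout)))
    return results


if __name__ == "__main__":
    # Constructed sample inventory using RFC 5737 documentation addresses.
    sample = [
        ("192.0.2.10", "siemens"),
        ("192.0.2.20", "schneider"),
        ("192.0.2.30", "rockwell"),
    ]
    for host, vendor, port, state in check_inventory(sample):
        print(f"{host:<15} {vendor:<10} tcp/{port:<6} {state}")
```

A `filtered` result points to the network path (the flow is missing from a firewall), while `refused` points to the device itself.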