Agentless connection information for industrial device

Flows matrix

This matrix sums up the flows that may be required in order to monitor an industrial device in agentless mode.

SourceDestinationProtocolPortDescription
Cyberwatch scannerMonitored asset SiemensTCP102Communication TCP on port 102
Cyberwatch scannerMonitored asset Schneider Electric (Modicon)TCP502Communication TCP on port 502
Cyberwatch scannerMonitored asset Rockwell AutomationTCP / UDP44818Communication TCP and UDP on port 44818

Required configuration for Cyberwatch

In order to add industrial devices to your agentless connection, you will need to add the right connector:

  1. Go to Administration > Connectors management.
  2. In the Agentless connections types section, check the Industrial device box.

The list of supported operating systems for agentless connection of industrial devices is available here

How agentless connections work for industrial equipment

We query the target ports of industrial equipment using protocols that meet the requirements of this sector. These protocols, implemented by the manufacturer on these devices for supervisory purposes, enable light and reliable interrogation. We can then identify the characteristics of this equipment, then rework and analyze this information to identify potential CVEs on your equipment.

You can add a new agentless asset from the agentless connection creation form. However, we recommend using industrial scan discoveries. By using discovery, we can be sure that the asset will be accessible at the destination port. This guarantees good scan connectivity later on.