Role AvailabilityRead-OnlyInvestigatorAnalystManager
When running a scan in USM Anywhere, you can run it with or without authentication, a process used to verify the identity of a user, user device, or other entity, usually through a username and password. A credential is an identification that proves you are who you claim to be, and you are, therefore, a reliable source. When running a scan without authentication, USM Anywhere probes the network services available on the target machine. Using known protocol behaviors, it attempts to identify the software that is running as well as its configuration and version. With this information, USM Anywhere then attempts to match the identified software with the known vulnerabilities to produce a report. The benefit of this approach is that the detection can be very specific in identifying known vulnerable behaviors. When you choose to run a scan with authentication, your credentials allow USM Anywhere to query the running machine to gain detailed and accurate information about the running software and its configuration. This prevents from misidentified services that can sometimes occur in the unauthenticated approach. In addition, an ensures that all services and software are analyzed regardless of whether the service is running or accessible from the network.
Important: A vulnerability scan requires credentials to perform an on a host.
Keep in mind these points:
  • USM Anywhere uses the credentials available for a given , no matter what the are for those credentials.
  • When you run a scan for an asset, USM Anywhere uses the asset credential if the asset has one; if the credential does not work or the asset does not have an assigned credential, USM Anywhere uses the credential of the group which the asset is a member of, if it is part of an .
    Important: Credentials assigned directly to an asset have higher priority than those assigned to an asset group.
  • When the asset does not have an assigned credential and the asset is a member of several asset groups with different assigned credentials, USM Anywhere tests every credential and uses the first one that works.
  • When you assign a credential to an asset group, USM Anywhere assigns the credential to the group instead of assigning it to all of its members. If you want to assign a credential to all members of a group, see Assign Credentials to Group Members.
  • USM Anywhere supports these cipher types: 
    aes128-ctr
3des-ctr
blowfish-cbc
aes256-cbc
aes192-cbc
aes128-cbc
3des-cbc
aes256-ctr
This topic discusses the following subtopics:

Scan Target Platform Support

USM Anywhere supports running vulnerability scans on the following platforms and devices:
Important: Any operating systems (OSes) not listed here are unsupported. USM Anywhere operations, such as vulnerability scans, may not behave as intended on unsupported platforms.
Microsoft Windows:
  • Windows 7, 8.1, and 10
  • Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016 and 2019
Linux:
  • Amazon Linux and Linux 2
  • CentOS 6, 7, and 8
  • Debian 10
  • Fedora 32 and 33
  • Linux Mint 18, 19, 20, and Debian Edition 4
  • Oracle Linux 6, 7, and 8
  • Redhat Enterprise Linux 6, 7, and 8
  • Ubuntu 16.04, 18.04, 20.04, and 20.10
Apple macOS:
  • macOS 10.10, 10.11, 10.12, 10.13, 10.14, 10.15, and 11