All users have the option to scan hosts by IP address. When the Scan by Hostname feature is enabled and properly configured, users also have the option to scan hosts by their DNS or NetBIOS hostnames. Scanning by hostname can be useful if you have multiple locations where assets are configured by DHCP network ranges or if your assets are better known by hostnames determined by a naming convention.
Contact your account manager or technical support to enable the Scan by Hostname feature for your subscription. Note that this feature is available only to scanner appliance users because a scanner appliance is required to resolve hostnames to IP addresses. You can tell if this feature has been enabled by creating a new asset group and seeing if the DNS and NetBIOS tabs appear in the group. To create a new group, select Asset Groups on the left menu and go to New > Asset Group. If the DNS and NetBIOS tabs are visible, the Scan by Hostname feature is enabled for the subscription.
Before you begin using the Scan By Hostname feature, please confirm that these configurations are setup properly. Without proper configuration, the service will not provide results for the selected hostnames.
DNS/WINS Servers on your network. Check the Hostname to IP resolution performed by the DNS servers and/or WINS servers on your network to be sure the hostnames to be scanned resolve to IP addresses in your account.
Scanner Appliances. Check the scanner appliances to be used for scanning to be sure the DNS servers or WINS servers defined for their configuration match the DNS/WINS servers to be used for hostname to IP resolution.
Host Assets in your account. Check the Host Assets in your user account to be sure the IP addresses (full IP ranges) that the hostnames will resolve to are included in your account.
You'll need to create an asset group that contains the list of hostnames that you want to scan and the scanner appliance that can resolve those hostnames. If the scanner appliance cannot resolve a hostname to an IP address in your account, no scan results will be reported for the host.
When the Scan by Hostname feature is enabled, Managers have the option to add hostnames to asset groups for scanning purposes. Create a new asset group or edit an existing asset group. Then add DNS hostnames on the DNS tab and NetBIOS hostnames on the NetBIOS tab (see DNS and NetBIOS Formatting.). Note that the DNS and NetBIOS tabs are editable only by Manager users. Other users can view the DNS and NetBIOS tabs and review the hostnames assigned to the group.
To scan by hostname, the asset group must have a scanner appliance that can resolve hostnames to their IP addresses. On the Scanner Appliances tab, review the list of scanner appliances in the group and add scanner appliances as needed. The first scanner appliance assigned to an asset group is initially set as the default for the group. If the group has multiple scanner appliances you can change the default by selecting another scanner appliance and clicking the Set As Default button.
When the asset group is scanned, all hostnames on the DNS and NetBIOS tabs are scanned and all IP addresses on the IPs tab are scanned. This means that you can specify some hosts by IP address and other hosts by hostname.
To scan hosts by hostname, start a new vulnerability or compliance scan and select the asset group that contains the hostnames as the scan target. Set the Scanner Appliance option to "Default", "All Scanners in Asset Group" or select a scanner appliance name. The scanner appliance selected must be able to resolve the hostnames in the group to IP addresses in the account. Note that you cannot scan hosts by hostname using the "External" scanner appliance option. Click Launch to start the scan. All hostnames in the group and all IP addresses in the group are scanned.
Scan results are always sorted by IP address. When you scan a host by hostname, the scanner appliance resolves the hostname to an IP address in your account and reports the results by IP address. If a hostname cannot be resolved to an IP address in your account, then scan results are not returned for the host.
Tip: You can sort the data in scan reports by DNS or NetBIOS hostname by assigning a tracking method to your hosts. See Step 3 below.
Important: Asset groups that only contain DNS and/or NetBIOS hostnames cannot be used in reporting.
You can run reports on the IP addresses resolved from the scanned DNS and NetBIOS hostnames. To quickly identify the resolved IP addresses perform an asset search. Select Asset Search from the left menu. Enter your search target (asset groups and/or IP addresses) and then enter the DNS hostname or NetBIOS hostname that you're interested in. Click Search. The Asset Search Report appears in a second browser window with a list of IP addresses that match the hostname provided.
Once you know the resolved IP addresses, you can run scan reports on the IP addresses. Add the resolved IP addresses to a new asset group directly from the Asset Search Report or simply enter the IPs or an IP range as the report target.
Tip: You can sort the data in scan reports by DNS or NetBIOS hostname by assigning a tracking method to your hosts. To do so, select Host Assets from the left menu and identify the host that you're interested in. Edit the host and select DNS hostname or NetBIOS hostname from the Tracking Method menu under Host Attributes. Hosts assigned a tracking method of DNS hostname or NetBIOS hostname will be listed in alphabetical order by hostname in your scan reports. Note that the assigned tracking method does not affect scan results which are always sorted by IP address. See Tracking Method for more information.