Discovering ALL Interfaces on a Firewall
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2024 03:01 AM
Hi,
With Firewall Discovery Patterns it seems that the only interfaces that will be created are Network Adapter with IP Addresses and that any Layer 2 interfaces where no IP Address exists do not get created.
Am I missing something and do these get created somewhere?
I can imagine we can amend the Pattern to do this if not, but does anyone have thoughts on the best place for them - would it simply be dscy_switchport?
Thanks,
Alec
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-08-2025 01:37 AM
Hello @Alec Hanson ,
I am having similar requirement, wherein the Network team is expecting all the network adapters to be discovered which are not having the IP address.
Were you able to achieve your requirement?
Appreciate your quick response!
Regards,
Amreen.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2025 04:12 PM
@AmreenS75202193 @Alec Hanson : this could be the reason:
pattern shared library "Discover Common Firewall Attributes", step 1.2.44. Keep only interfaces with ipv4
You can try to disable this step and compare the payloads. There could be some side effects with identification rules, watch out for duplicates and CI attribute values flapping.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-15-2025 02:52 AM
Thanks @Severin Launiau !! But in my case I am much interested to discover the interfaces for routers which are non-IP based. Is there a way for it?
Regards,
Amreen.
