Adding Registered Services Parent topic

Add dedicated servers for specific services that your organization uses internally or considers trustworthy. Identifying trusted services in the network ensures detection of unauthorized applications and services.
Add only trusted services to ensure the accuracy of your network profile.
Note
Note
Add up to 10000 total registered services. More than one server (IP address) may be dedicated to each service.
Each service-IP address combination adds an entry that counts towards the total 10000 registered services. For example, if you specify DNS for Services, and 10.2.1.1 and 10.2.1.2 for IP addresses, then 2 registered services are added.
Note
Note
When Deep Discovery Director is managing the network groups and assets, the settings for network groups and assets are disabled in Deep Discovery Inspector. Go to the Deep Discovery Director management console to configure the network groups and assets.

Procedure

  1. Go to AdministrationNetwork Groups and AssetsRegistered Services.
  2. (Optional) Specify registered services to add.
    1. Click Add.
      The Add Registered Services window appears.
    2. For Services, select one or more services.

      Service Types

      Service
      Network Server Description
      Active Directory
      Provides directory services and stores user accounts and passwords
      Configure the same server as the Domain Controller.
      Authentication Servers - Kerberos
      Provides Kerberos authentication
      Content Management Server
      Manages content
      Database Server
      Used as a database server
      DNS
      Used as a DNS server
      Domain Controller
      Responds to security authentication requests and allows host access to domain resources
      Configure the same server as the Active Directory.
      File Server
      Provides a location for shared file access
      FTP
      Used as an FTP server
      HTTP Proxy
      Used as an HTTP Proxy server
      Radius Server
      Used as the Radius authentication server
      Security Audit Server
      Detects vulnerabilities and insecure configurations
      SMTP
      Used as an SMTP server
      SMTP Open Relay
      Used as an SMTP Open Relay server
      Software Update Server
      Used for the following:
      • Responsible for Windows Server Update Services (WSUS)
      • Performs remote deployment
      Web Server
      Used as a web server
    3. For IP addresses, type one or more IP addresses delimited by spaces.
      The Add Registered Services screen supports IPv4 and IPv6. You can specify single IP addresses, IP address ranges, or IP addresses or ranges in CIDR format. Refer to the following examples:
      • Single IP address: 10.0.0.5
      • IP address range: 10.0.0.0-10.255.255.255
      • CIDR format: 10.0.0.0/8
      When you specify multiple services and multiple IP addresses, a registered service for each service-IP address combination is added. For example, if you specify DNS and SMTP for Services, and 10.2.1.1 and 10.2.1.2 for IP addresses, then the following 4 registered services are added:
      • DNS: 10.2.1.1
      • DNS: 10.2.1.2
      • SMTP: 10.2.1.1
      • SMTP: 10.2.1.2
    4. (Optional) For Description, type your own description for the services.
      The description can be 256 characters or less.
  3. (Optional) Analyze detections and select registered services to add.
    1. Click Analyze.
      The detections are analyzed. After analysis, a list of detected services and domains on your network appears.
    2. Select the checkbox for each item you want to add.
    3. (Optional) In the Description column, type a description for each item that you selected.
    4. Click Save.
    5. Refresh the page in your browser.
      The services appear in the list.
  4. (Optional) To edit a service, click on the IP address in the list.