If you want to change, delete, or add information regarding assets that have been identified by your USM Anywhere Sensor, follow the guidelines on this page to edit your assets.
- Go to Environment > Assets.
- Next to the asset name that you want to edit,
click the icon and select Configure Asset. The configure asset dialog box opens.
- Modify the data of the items that need to be modified, as described in the Field Descriptions table below.
- Click Save.
|Name||Name identifying the asset. This field is required.|
|Description||(Optional.) A short description for the assetAn IP-addressable host, including but not limited to network devices, virtual servers, and physical servers..|
|Sensor||SensorSensors are deployed into an on-premises, cloud, or multi-cloud environment to collect log and other security-related data. This data is normalized and then securely forwarded to USM Anywhere for analysis and correlation. to associate with the asset.|
|Network Interfaces||IP Address. IP address assigned to the asset.|
|MAC Address. MAC AddressA unique numeric value assigned by the manufacturer to identify a specific network device or computer, which allows communication over networks. Note that a device’s MAC address can be manipulated. assigned to the asset.|
|FQDN. Fully Qualified Domain Name.|
|Icon||Symbol that represents the asset.|
|Asset Type||Device type that identifies the asset. Select an option from the list. See USM Accepted Asset Types for more information.|
|Agent Profile||You can assign an agent profile to the asset. See AlienVault Agent Configuration Profiles for more information. This field displays if the agent is connected and if the user has the role Manager.|
|Prevent Remote Scanning||Select this field to avoid remote scanning. This option displays or not depending on your sensor.|
|Time Zone||(Optional.) Time zone assigned to the asset. The default value is blank, which causes the asset to inherit the sensor's time zone. Changing the asset's time zone automatically applies the new time zone to all new logs collected from the asset.|
|Compliance Scope||Add the asset to Payment Card Industry (PCI) and/or Health Insurance Portability and Accountability Act (HIPAA). See Working with Assets and PCI DSS and USM Anywhere Compliance Templates for more information.|
|Other Asset Fields||
Asset fields created by the user. The fields that are system defaults will not be displayed. See Managing Asset Fields for more information.
Important: You must enter at least one of the three fields in Network Interfaces. These fields are highlighted when the values are not valid.
Important: Use the Prevent Remote Scanning option if there are devices in your environment that can be affected by an NMAP scan. For example, you can use this option to prevent scanning printers. The best option for excluding printers or other devices is to create an asset group containing what you want to scan and launch scans against that group. This option does not work for jOVAL-based authenticated asset scans because jOVAL requires authentication SSH or WinRM credentials.
USM Accepted Asset Types
The Asset Type field drop-down list includes a wide list of asset types from which to choose, which are defined in this table:
|Asset Type Name||Description|
|Bridge||A bridge combines two or more subnetworks into one. With a bridge this happens at a lower level than with a router. This category also includes things like Ethernet-to-serial bridges.|
|Devices in this category connect a network to the Internet through cable, asymmetric digital subscriber line (ADSL), and fiber optics. Some of these devices provide network address translation, a firewallVirtual or physical device designed to defend against unauthorized access to data, resources, or a private network. A firewall’s primary purpose is to create segregation between two or more network resources, blocking undesirable traffic between them., portEndpoint of a communication stream identified by a unique integer number. Only one process per machine can listen on the same port number. forwarding, or other services.|
|Cloud||Model of computer data storage in which the digital data is stored in logical pools.|
|Database||Device that provides network-based data storage services.|
|Firewall||A firewall controls what traffic is allowed into or out of a network. Some also have additional capabilities. This category does not include general-purpose operating systems (OSes) that happen to come with a firewall, but it does include OS distributions purpose-built to work only as a firewall.|
|Game console||A video game console like the Microsoft Xbox or Sony PlayStation.|
|General purpose||General-purpose operating systemsSoftware that manages computer hardware resources and provides common services for computer programs. Examples include Microsoft Windows, Macintosh OS X, UNIX, and Linux. like Linux and Microsoft Windows.|
|Hub||A hub joins network segments by re-broadcasting all traffic. Hubs are distinct from switches, which selectively transmit packets only to relevant destinations.|
|Laptop||Small and portable personal computer.|
|Load balancer||A device that distributes inbound traffic to multiple devices to ease the load on those devices.|
|Media device||This category includes all kinds of audiovisual equipment, including portable music players, home audio systems, TVs, and projectors.|
|PBX||A private branch exchange (PBX) routes telephone calls within a private organization and connects them to the public telephone network or Voice over Internet Protocol (VoIP).|
|PDA||A personal digital assistant (PDA) is a handheld computer. Devices that are also telephones go in the "phone" category.|
|Phone||A network-capable telephone that is not a VoIP phone. Devices in this category are typically mobile phones.|
|Power-device||Miscellaneous power devices like uninterruptible power supplies (UPSes) and surge protectors.|
|Printer||Network-enabled printers, including printers with an embedded print server.|
|Print server||A print server connects a printer to a network. Printers that contain their own print server go in the "printer" category instead.|
|Proxy serverComputer that acts as an intermediary for requests from computers seeking resources from other servers.||Any kind of proxy, including web proxies and other servers that cache data or understand high-level protocols.|
|Remote management||Devices that allow servers or other equipment to be monitored or managed remotely.|
|Router||Routers connect multiple networks. They are distinct from hubs and switches because they route packets between different networks as opposed to extending one network.|
|Security-misc||Any security device that doesn't fall into the “firewall” category belongs in this category. This includes intrusion detectionSecurity system capability that attempts to detect actions that may compromise the confidentiality, integrity, or availability of a resource. and prevention systems.|
|Server||Device that provides functionality for other programs or devices.|
|Specialized||The catch-all category. If a device doesn't fall into one of the other categories, it is specialized. Examples in this category are diverse and include such things as clocks, oscilloscopes, climate sensors, and more.|
|Storage-misc||Data storage devices like tape decks and network-attached storage appliances.|
|Switch||A device that extends a network by selectively re-broadcasting packets. Switches are distinct from hubs, which broadcast all packets.|
|Telecom-misc||Devices used by telephone systems that are not PBXs, like voicemail and Integrated Services Digital Network (ISDN) systems.|
|Terminal||A device with a keyboard and monitor with the primary purpose of communicating directly with a terminal server or mainframe.|
|Terminal server||A device providing terminal facilities to clients over a network.|
|VoIP adapter||A device that converts between VoIP protocols and normal telephone traffic. Also may convert different VoIP protocols.|
|VoIP phone||A phone capable of a VoIP protocol.|
|WAP||Wireless access points (WAPs) offer a wireless connection to a network. Most work with radio technology like 802.11b. but some use infra-red or something else. Devices that could also be put in another category, like wireless broadband routers, are put in the WAP category because WAPs require special network considerations.|
|Web server||Device that provides contents to the World Wide Web. A web server processes incoming network requests over HTTP and several other related protocols.|
|Webcam||Any kind of camera that stores or transmits pictures or video. This includes everything from consumer webcams to security system cameras.|