Onboarding VDR
1 Getting Started
2 Asset Discovery and Scan
3 Vulnerability Management
4 Troubleshooting and Support
Setting Up Edge Services and Other Prerequisites ⫘
Because internal assets are not internet-facing, Edge Service Virtual Machines must be deployed in each firewalled network segment for VDR to discover and scan assets.
Before you deploy Edge Service, take a moment to familiarize yourself with the minimum hardware recommendations and network connectivity requirements.
Important
216.9.204.0/22
is the public IP range that Edge Services connect to. Secureworks recommends that you safelist traffic to and from this subnet for your perimeter scans to ensure scan results consistency and to allow egress traffic from the Edge Service to the specified IP range.- Edge Services also require Internet access on ports 80/443 to auto-update themselves through this Internet channel.
You have the following Edge Service deployment options:
-
Install a Generic Post-Configured Edge Service (preferred) — Choose this option if the destination network can provide an IP for the new virtual machine. The IP can be assigned through Static IP assignment or through standard DHCP. This is the quickest deployment option.
-
Install a Fully Preconfigured Edge Service — Choose this option if the destination network cannot provide an IP for the new virtual machine (no DHCP available in this network and no way to manually set a static IP from network equipment.)
-
Set up an AWS AMI Based Edge Service — Choose this option if you want to set up an Edge Service inside your AWS VPC.
-
Create and configure an Edge Service through the Public API — Choose this option to use REST Open API to create and configure an Edge Service on the command-line.
Select the desired deployment option from the preceding list or the left-hand menu for more deployment information.