Subscribe to the Taegis™ VDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

Reaching Firewalled & Internal Assets

This article describes how Secureworks® Taegis™ VDR can be configured to scan your internal assets through your existing firewall in a secure way.

Most corporate networks require segmentation and isolation of assets from the outside world using firewalls. For VDR to be able to reach these assets securely, an Edge Service must be deployed in an internal network segment that is able to reach the assets to be scanned. Most frequently, this will be on the same network segment as the assets themselves.

This Edge Service is delivered in the form of a virtual machine disk image (not a full VM) for the platform you specify (ESXi, HyperV, Qemu, Xen, etc.).

Once the Edge Service has been started, it requires internet access to establish a secure tunnel (encrypted and authenticated) with your VDR instance to discover and scan assets in the firewalled network segment.

VDR Edge Service

VDR Edge Service

Requesting new Edge Services is done through the Edge Service Management menu (see Creating new Edge Services).


The Edge Service needs to connect back to VDR through your firewall. If you enforce hard egress filtering, you will need to open an outbound port from the network segment where the Edge Service is instantiated.