![\"\"](\"https:\/\/secognition.com\/wp-content\/uploads\/2021\/09\/hwinv.png\")
<\/p>\nAt the top of most lists to better secure your network is to have an up to date inventory of physical and virtual assets connected to your network.\u00a0 Most security controls frameworks have as their most fundamental controls to implement.\u00a0 For corporations with mature procurement processes this is easier, but what about a home user or small or medium business?\u00a0 It’s one thing to have a list but how often is it updated?\u00a0 How can this be automated?\u00a0 Can I get alerts if a new device is detected?<\/p>\n
Below I’ll try to help out with some pointers and outline my journey to an asset inventory.<\/p>\n
At it’s most basic level you can get away with a Microsoft Excel spreadsheet that outlines the following high level criteria:<\/p>\n
<\/p>\n
<\/p>\n
The Center for Internet Security has a free template that can be used at the following Link<\/a><\/p>\n Naturally, filling our a spreadsheet and keeping it up to date can be daunting.\u00a0 You fill it out once and give yourself a pat on the back for doing it, but…. do you really want to get into the habit of updating it every time something new pops up.\u00a0 Imagine 10s or 100s of new things, not to mention things that get lost.\u00a0 This manual approach does not scale well.<\/p>\n Glad you asked.\u00a0 There are a multitude of tools, free and not so free that keep trying to do something about this.\u00a0 In my own small network, I’ve used the following.<\/p>\n I’ve had great success with https:\/\/rumble.run<\/a>.\u00a0 There’s a free tier called the Rumble Starter Edition where you can scan up to 1024 IPs but will track 256 live assets at this tier.\u00a0 More than enough for a small network.\u00a0 One of the big pluses is that I don’t need to install a client software on each individual machine.\u00a0 The fingerprinting function on the rumble client is really good and constant updates have brought many more device types into the fold.<\/p>\n Steps to get going:<\/p>\n Once the client has scanned once you should see reports filling in similar to:<\/p>\n You can then drill down into different asset classes or show all discovered assets through the inventory menu.\u00a0 Many options are available to slice and dice this data into a format you would need to keep track of your hardware assets through the Export button you can extract a report of assets in JSON, XML and CSV formats or through an API call.<\/p>\n <\/p>\n I use this mostly to keep an eye on what’s on the network.\u00a0 I run it once a day across the different VLANs on my network.\u00a0 Coupled with a vulnerability scanner this goes a long way to making sure you’re kept aware of what’s responding on your network and if any patching needs to be done.<\/p>\n <\/p>\n <\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" At the top of most lists to better secure your network is to have an up to date inventory of physical and virtual assets connected to your network.\u00a0 Most security controls frameworks have as their most fundamental controls to implement.\u00a0 For corporations with mature procurement processes this is easier, but what about a home user… What else can be done?<\/h3>\n
\n
![\"\"](\"https:\/\/secognition.com\/wp-content\/uploads\/2021\/09\/rumbledash-1.png\")
<\/p>\n![\"\"](\"https:\/\/secognition.com\/wp-content\/uploads\/2021\/09\/rumbleasset.png\")
<\/p>\n
Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[9,5],"tags":[],"class_list":["post-588","post","type-post","status-publish","format-standard","hentry","category-asset-inventory","category-security"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/secognition.com\/index.php?rest_route=\/wp\/v2\/posts\/588","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secognition.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secognition.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secognition.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/secognition.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=588"}],"version-history":[{"count":0,"href":"https:\/\/secognition.com\/index.php?rest_route=\/wp\/v2\/posts\/588\/revisions"}],"wp:attachment":[{"href":"https:\/\/secognition.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=588"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secognition.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=588"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secognition.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=588"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}