How does Kenna determine if an asset already exists?

Kenna makes every attempt to de-duplicate asset data in the platform. Below is the order of preference (High to Low) given to asset locator data in order to assess if an asset already exists in the environment:

  1. EC2 identifier
  2. MAC address
  3. NetBIOS
  4. external IP address
  5. hostname
  6. URL
  7. file name
  8. fully qualified domain name (FQDN)
  9. application name
  10. internal IP address (RFC 1918)
  11. scanner-specific asset ID (eg Qualys host ID, Nexpose device-id)

For example, in a DHCP environment where internal IP addresses are being reissued, you must use a credentialed scan to bring in more specific information for each asset. This way IP addresses can be reissued to assets and be identified by another locator field. You also want to make sure that locator field is higher on the list than IP address. For example, using “hostname” and moving it up the list or using “MAC address.”

 

This preference list can be adjusted as needed. If you would like to change your asset locator preference please contact Kenna support. The Kenna Support team can help you assess the optimal custom locator order for your organization by analyzing which locators are most duplicated.

 

 

Powered by Zendesk