DrayTek Firewall Scan

CyberCNS can evaluate the security configuration of your DrayTek Firewall and flag any potential shortcomings. You can initiate a Firewall Scan from the Integrations menu.

Navigate to Integrations

  1. In the CyberCNS portal, navigate to Global Settings() > Integrations OR Company View> Integrations and choose DrayTek.

  2. Next, is to add credentials for your DrayTek firewall.

Enter Credentials

Credentials should have ssh access to the firewall from the probe machine.

  1. Enter Name: Choose a name of your choice for the credentials to be added.

  2. Enter Hostname/IP Address: Enter a Hostname/IP address for the credentials to be added.

  3. Enter SSH Port Number: Enter the Port Number for the credentials to be added.

  4. Enter Username: Enter the username used to log in to DrayTek Firewall. It is recommended that you define a special username to be used exclusively for these scans so that they can be identified in the firewall’s logs.

  5. Enter Password: Enter the password used to log in to DrayTek Firewall.

6. Select an associated company: Select the existing company in order to add the firewall as an asset of that company.

7. Select Probe/Agent: Select a Probe/Agent of the selected company to be used for the scan.

  • If no Probe agent is installed for the company, an external scan agent can be used to initiate firewall scans from the CyberCNS Server (e.g. abc.mycybercns.com) provided the firewall is reachable from an external scan agent, i.e. Firewall to have WAN IP.

  • Once all the data has been entered, click Save.

Note that multiple credentials can be added by using the '+' sign. Each set of credentials can be attached to a company and then to an agent under that company.

After the credentials have been successfully added to the company, the Firewalls tab will be added to the Main Menu.

  • Navigate to the Firewalls section and click Firewall Scan to initiate a scan of all the configured firewalls.

  • When the scan is complete, details of the System Details and AccessRules will be populated for the DrayTek Firewall.

  • Completed firewall scans are listed with timestamps as shown below. To view the results of a scan, click the scan in the list.

  • The scan results can be downloaded as a report in the Microsoft Word .docx format by clicking Download Report.

Firewall scan using the external agent

  • Here is a list of the CyberCNS IP addresses. Please use the IP address to allow for scanning through External Agent.

Region

Originating IP Address on Integration

USWEST2

44.231.123.15

EUCENTRAL1

35.158.55.215

EUWEST2

13.41.172.255

APSOUTHEAST2

54.206.202.191

USEAST2

3.22.165.174

This completes the documentation of the DrayTek Firewall Scan.