Windows Collection - SMB Versions
Question: What versions of SMB does the platform support Answer: The platform supports SMB versions 1, 2, and 3, and uses the highest supported protocol version advertised by the server.
Question: What versions of SMB does the platform support Answer: The platform supports SMB versions 1, 2, and 3, and uses the highest supported protocol version advertised by the server.
Question: We added database credentials but the database report did not appear automatically Answer: The platform requires devices to be licensed for visibility into performance, traffic, and Database information. Once devices have been licensed...
Question: We are unable to collect Netstat on some of our servers. The Windows validation is showing netstat -anop TCP Output [-] ERROR: NT_STATUS_LOGON_FAILURE. Answer: Please verify removing the domain portion in the user field and inputting i...
Question: Due to security reason, the client was asking if it is ok if they don't allow access to this? " Backup & Growth" Answer: The Backup & Growth hostname/IP addresses can be ignored at this time. This particular NOC is used if issues arise...
Question: We are using a different method for database authentication than your appliance allows and we are questioning whether it's possible to use hostnames instead of IP addresses. Answer: Currently the Discovery process of the RISC platform...
Question: In the Economics report, what is the difference between CPU_util_percent, CPU_avg_percent, and CPU_max_percent? Answer: CPU_util_percent indicates the 95th average utilization, CPU_avg_percent indicates the observed average CPU utiliza...
Question: Can I get an API key to the customer sandbox? Answer: An API key is not tied to a subscription/assessment/user. It permits access to the APIs. All entitlement is done through the user credential. A user can use the API key they are alr...
Question: While discovering the servers from RN150 appliance, it fails with reason "NTSTATUS: NT code 0xc002001b - NT code 0xc002001b". Answer: The NT code 0xc002001b, indicates RPC_NT_CALL_FAILED (The remote procedure call failed.) This indicat...
Question: Are we able to shrink the port range the RN150 uses to connect for WMI to just the 2008+ Server ports (TCP 49152-65535)? Answer: WMI is a Microsoft service that requires TCP 135 (RPC) and available ranges 49152-65535. This is a hard ...
Question: Lets say we go with a controlled discovery (input IPs/Hostnames only). Servers A and B are in the list and are completely discovered. Server C is not in the listed but interact with the application on A and B. Will the server C be shown a...
Question: Can I do a quick and dirty discovery with no SNMP or username-password? Will the quick and dirty discovery provide me with any usable insight in the interim? Answer: You may run a Discovery scan without inputting credentials, however...
Question: How do I gracefully shutdown to disable alerts? Answer: To shutdown gracefully and disable offline alerts you’ll need to click the “END Assessment” button from the RN150 UI. Goto Dashboard/Assessment Status/End Assessment. You can ...
Question: We attempted test and validation but it just seemed to spin and then timeout without any information Answer: Typically a timeout will indicate the remote IP is not IP reachable from the RN150 appliance subnet however, seeing 'Access ...
Question: We are seeing a number of devices in the asset report with ACCESS DENIED status. Answer: Access denied is received by the RN150 appliance from the remote server when the Windows credential does not have the correct privilege level to...
Question: How is Network Cloud Pricing calculated? Answer: Cloud pricing for network is 'worst case scenario'. The pricing is based on all egress traffic for each licensed device. The assumption is made that the egress traffic will exit the cl...
Question: What is the purpose of the Application Instance tag in the Assets section and can it also be applied to Linux? (In our environment for example there is no Linux tag for that but for Windows the content of the tag just says installed) ...
Question: Can we do storage to host mapping outside of mapping NFS? Answer: The platform can map NFS and SMB, and iSCSI from the O/S level (I.e., Microsoft iSCSO client). The platform cannot map from the VM host to nfs or block storage provide...
Question: What does it mean when an asset is labeled as "RISCdecom"? Answer: Devices are categorized as 'RISC-Decom' when a rescan has occurred and 'View Changes' was selected for the rescan, and the device did not respond successfully. (Time...
Question: How do we report the issues encountered? Example, If a device has exceeded the threshold for CPU utilization (I.e., > 90%). How is this calculated? When we see > 90% between polls? > 90% over the course of one minute, etc? Answer: Th...
Question: When the RN150 is collecting netstat data, does it use \\127.0.0.1\admin$ or does it use the connection IP, \\10.0.0.1\admin$? Answer: A DCE/RPC connection is then opened to deliver the command to the cmd.exe utility. The command iss...