25 Jul 2022

Scanning for internal vulnerabilities

Agent-based and Network-based

We cannot ensure the security of your network system without good external and internal protection.. One method that, along with others, ensures the internal protection of your network is to make a internal vulnerability scanning. Specific interfaces are scanned (IP addresses, etc.) to detect any vulnerability. The scan is non-invasive., so it can be launched without stopping network activity, since this will run in the background. There are two main types of internal vulnerability scanning: agent-based y network-based. We will analyze them in more depth below..


This scan is launched from a physical box on your network (“scanning appliance”), or in a virtual machine that is in the cloud. This is the most traditional scan.

Its goal is to identify weak points in the network that could be exploited by hackers or other threats. Also, allows to verify the effectiveness of network security systems, doing an internal and external study. Nevertheless, it is necessary to keep a very good record of all the inventory connected to the network, in addition to the systems (from installed firewalls to operating systems). 


This scan throws "Security agents on your devices. They use the software scanners present in all the devices and centralize the information obtained in a central server. It's a newer scan.

The information they collect is similar to that of a network-based scan.. This scan is time consuming, but it can work even if the scanner is not installed. It is the preferable alternative especially if you cannot ensure connectivity throughout the network system.. For example, in the case of a mobile phone that is not connected to a core network, this type of scan is very useful. An example is the Intruder agent-based scan tool.. It is preferred by banks and large companies worldwide.


Functionsperforms critical functions.Low-impact software that monitors different aspects of the system.
DependenceWorks well with minimal actuation and reduces agent maintenance.There is an external dependency. May reduce the effectiveness of scanners.
connectivityYou need all devices to be connected on the network.You need specific software to access each aspect separately.
RoofAll devices have an IP address, so lets get to scan devices like printers, or even automatic lights.Agents cannot be installed on everything. Nevertheless, you can do remote device scanner (very useful in a company that allows you to work from home).
DepartmentIf the network uses a fixed IP addressing protocol, there is no problem.. But if the addresses are assigned dynamically, it will be difficult to implement.Allows you to more effectively measure and declare the efforts required to correct vulnerabilities. Agents bind to the device, not to IP address.
MaintenanceYou need to have very well documented network devices.Easy maintenance.
Both one and the other is useful

In conclusion, depending on your system there will be a scan or another that goes better, but in most cases we are interested in doing both scans. Network-based scans are faster, fewer contaminants and reduce false positives. Nevertheless, are unable to reach remote devices, for instance. Since today most networks allow the connection of devices not in the central perimeter (namely, remote), although installation and use of agent-based scanning is difficult, necessary. A mix of the two ensures maximum protection and security.

More articles

17 Oct 2022

We are pleased to announce that we have obtained the certification in the National Security Scheme. That is why we tell you what it consists of and what its main elements are. What is the National Security Scheme? The National Scheme of

Read more
07 Oct 2022

Fundamental Aspects of Loops Loops is structured around three basic pillars, that define why we are who we are, this is why we have decided to make a brief presentation of the company. Technical Vocation “Curiosity without limits”

Read more
29 Sep 2022
Cloud security: Possible threats and solutions

Cloud Security: what it consists of 2020 we observe a change in the way of working. The use of the cloud became popular and today its use is found practically everywhere due to its lower costs and better reliability of having servers online.

Read more