Hackers typically search for and exploit open network ports for nefarious reasons. Atera's Network Discovery lets you scan for open ports on your networks so you can discover and take action on these security vulnerabilities. Check out Activate Network Discovery for complete information on signing up for and setting up Network Discovery.

Advanced scan settings explained

When setting up or updating a site’s scan settings, you can configure the port range, scan speed, and protocol — key factors that define the depth and security of each scan. Advanced settings can be set within a site's scan page, under Scan settings (click Show more).

When setting up or updating a customer's scan settings, you can configure the port range, scan speed, and protocol — key factors that define the depth and security of each scan. Advanced settings can be set within a customer's scan page, under Scan settings (click Show more).

Port range

• Top 100: This is the default scan, providing fast device and OS detection using the most common TCP ports — great for a quick inventory sweep.
• Top 1000: A broader check that includes the top 100 plus the next 900 most common ports — useful when you need deeper discovery.
• Custom: Starts with the top 100, then scans any port range you specify and lets you pick scan speed — ideal for targeted checks or compliance audits.

Note:

• If selecting 'Top 1000' or 'Custom', you can then set the scan speed and protocol as well.
• Selecting 'Custom' increases scan time. Use it when you need additional ports or finer control, but expect longer runs. 

Scan speed

• T1: Very slow; ideal for slipping past IDS.
• T2: Slow; kind to bandwidth and target machines.
• T3: Balanced default speed for everyday scans.
• T4: Faster; for reasonably fast, stable networks.
• T5: Very fast; trades a bit of accuracy for speed.

Note: You can only set the scan speed when selecting top '1000 ports' or 'Custom' port range.

Protocol

TCP is selected by default (TCP + UDP support is coming soon).

We recommend starting with T3 for general discovery. Use slower speeds for sensitive networks or faster speeds when you need results quickly and the network can handle it.

Note: You can only select the protocol when selecting top '1000 ports' or 'Custom' port range.

Set up a scan

For info on setting up Network Discovery scans, see Network Discovery: Set up scans

Scan results

Once your scan is complete, open Network Discovery and return to the site to view security details. The Security tab has 3 sub-tabs:

Once your scan is complete, open Network Discovery and return to the customer to view security details. The Security tab has 3 sub-tabs:

• Devices: Displays a list of all the devices in the scanned network, where you can see each device name, the number of open ports (per device), device type, IP address, manufacturer, and OS platform. Click anywhere on the Device Name row to expand it and see further details regarding the ports (port number, state, port type, service, and version).
• Open ports: Displays a list of all open ports related to the devices in the scanned network, and includes the port number, state, port type, service, and number of devices associated with each port number. Click anywhere on the Port Number row to see the number of devices affected, the device type, IP address, manufacturer, and OS platform.
• Potential CVEs: Displays a list of all potential CVEs, including the Common Vulnerability Scoring System (CVSS), severity, and number of devices affected. Click anywhere on the CVE ID row to see the device name, the IP address, OS platform, port number, port type, service, and version. Click the CVE ID to learn more (you’ll be redirected to https://vulners.com).

For more info on scan results and available actions (beyond just security considerations), see Network Discovery: Scan results and actions