Networks: Overview

Summary: A high-level overview of networks in Ivanti Neurons.

Two critical elements in the Ivanti Neurons platform are networks and groups. Networks determine an asset’s uniqueness, while groups provide access controls to assets. There is no hierarchical relationship between networks and groups.

Networks are managed on the Organize > Networks page in Ivanti Neurons.

When setting up a new connector, you typically link that connector directly to a network. The connector will automatically add new assets and findings to that network. If you want to upload findings manually, you must also choose a network during the setup process.

Ivanti Neurons uses networks to determine how the platform should identify unique assets from vulnerability scanner data. Depending on the network precedence rules, the platform may use one or more identifiers to determine the uniqueness of an asset. The platform has a default set of network precedence rules for each type of scanner. For more information on network precedence, visit Asset Identification for Deduplication.

If you anticipate issues with identifying assets accurately due to duplicate identifiers (such as overlapping IP address ranges), you can place assets in different networks. Assets in each network are treated as unique. The data will not be merged if they are uploaded to separate networks.

A common use case for defining and leveraging more than one network of the same aggregation type would be organizations that grow through acquisition. Suppose your environment uses the 10.5.10.x space for workstations, and you acquire a new location that leverages the same 10.5.10.x address space. In that case, we suggest creating a second network to upload the acquired office’s scan data. This allows the Ivanti Neurons platform to keep hosts with identical IP addresses as separate entities.

Deprecation of IP and HOSTNAME Networks

Some users will see networks of the IP and HOSTNAME types within their clients. These older networks identify the uniqueness of an asset based on the IP Address or hostname of an asset, respectively. Although you can still upload data into one of these older networks, you can only create new networks of the MIXED type. MIXED networks follow network precedence rules.