Overview of Asset Management within the Byos Management Console
What are Assets?
- Assets refer to devices or equipment connected to Byos Secure Edge devices.
- The internal microsegment of the Edge is responsible for conducting Asset discovery to identify all Assets and Resources connected to it.
- The information displayed for each Asset will include the Edge it is connected to and its Byos IP address in the SL Overlay
What are Resources?
Resources are specific combinations of ports, protocols, and services running on a given Asset, that have been discovered by the Byos Secure Edge. Resources will be listed in the Asset inventory by their:
- Port In/Out
- Visible in SL
Running a Discovery Scan
- When you select “Discover All Assets,” all Edges within your Byos environment will initiate a network wide scan to identify every Asset linked to every Edge. Discovered Assets will then be displayed in the Management Console’s Asset section, encompassing all Assets and Resources within your Byos environment.
- Discovered Assets and Resources are not automatically accessible through the Secure Lobby Overlay.
- Visibility of each Resource in the Overlay must be explicitly allowed by the administrator, which is a Layer 4 Access Control
Per Edge Discovery Scan
To run a discovery for a single Edge, you can click the blue button beside the Edge name.
Alternatively, you can discover the Assets for Edges in the selected filter in the Edge table
Enabling Asset Visibility in Secure Lobby
- To make a Resource visible in Secure Lobby:
- Click on the Resource
- Toggle “Visible in SL” to on
- Select the desired Port In
- Click Save
Port In Conflicts
- By default, the Port In will match the Port out of a scanned Asset. Each Resource must have a unique Port in order to access it. If that Asset adheres to the list of “known ports” maintained by IANA, and there are multiple Assets in the environment, you may experience duplicates.
- When you toggle the Visible in SL option to on, if there is a conflict, the Port In option will provide a warning that the chosen port is already in use. At this point, you are able to choose a *unique Port In for that Resource.
Once an Asset has be made visible in Secure Lobby, it can be accessed by any Edge in the Zone with approved routing.
Manually Adding Assets and Resources
Adding a Manual Asset
Some assets may not be found by the Secure Edge’s Discovery Scan. To add an Asset manually, click “Add Asset” and Add all of the necessary details:
- Asset Name
- Select which Byos Secure Edge it is connected to
- Input the LAN IP address of the Asset in the Edge’s Microsegment
- Resource Details
- Port Out
- Protocol - TCP or UDP
Adding a Manual Resource
If an Asset connected to the Byos Secure Gateway Edge has a non-standard port and service running, it may not be found by the asset discovery. In this case, you will need to manually add a resource, Select the Asset, can click “Add Resource”, and then input the required information:
- Port In
- Port Out
- Protocol - TCP or UDP
There are a number of preset filters in the Assets table
- All Assets - shows all discovered Assets, with Resources hidden for a quick glance.
- All Resources - shows all Resources (Assets are expanded) to see what ports and services are enabled and available to be enabled.
- Manually Added Assets and Resources - only shows Assets and Resources that have been manually added.
- Edge Connected to Secure Lobby - the Edges that have a connection established to the SL overlay
- Enabled Resources in Secure Lobby - only shows Resources that have been enabled to be accessed through Secure Lobby.
- Online Resources in Secure Lobby - all of the Resources that can be accessed through Secure Lobby.
Deleting Assets and Resources
At the time of a Discovery Scan, all assets connected to a Byos Secure Edge will be scanned and Discovered. Sometimes, an asset might be unplugged from an Edge, in between scans, giving the appearance that the Asset is still connected.
Deleting an Asset will remove it from the Assets table. If the Asset is reconnected to the Byos Secure Edge and a new Discovery Scan is run, the Asset will re-appear in the Table. You will be prompted to confirm you wish to delete the Asset.
Deleting a Resource works the same way.
Last updated on October 24, 2023