The Scan Exclusion List is a list of specific IP addresses and ports that you do not want the scanner to scan. This can include devices with non-optimally designed or implemented embedded network stacks that can behave unexpectedly when scanned. For example, printers or consumer-grade WiFi access points can have unexpected output or reboot when scanned. You can decide not to scan these devices.
Tip:
Work with your Concierge Security® Team (CST) to reduce the number of devices on your denylist because threat actors can use it to compromise your network.
In the navigation menu, click Data Collection > Scanners.
Find the scanner to view, and then click View Scanner.
Tip:
The scanner must be online for configuration changes. If needed, use filters to limit your results. For more information, see Scanner filters.
Click the Scan Exclusion tab.
In the Add Scan Exclusion section, do one of these actions:
Enter an IP address, IP address range, or a CIDR address range in the field.
Click Upload, find your CSV file that contains the IP addresses, IP ranges, or CIDR notation that you want to use for hostname resolution, and then click Open.
Note:
When uploading a Microsoft Excel CSV file, do not use column headings. Separate entries by row.
To specify a range of IP addresses or ports, use a dash (-). For example, 10.0.0.1-10.0.0.3 expands to 10.0.0.1, 10.0.0.2, 10.0.0.3.
To specify a CIDR block, use a comma-separated list. You can enter individual hosts without the /32 specification or networks in the same CIDR X.X.X.X/Y.
Duplicate entries will fail. For example, an error appears if you try to add an IP address that is already in the Scan Exclusion List or if you try to import a CSV file that has any IP addresses that are already in the Scan Exclusion List.
Add a single scan exclusion entry:
In the IP Address/Range field, enter an IP address, IP address range, or a CIDR block. For example, 10.171.154.110, 10.173.100.34-10.173.241.10, or 10.174.15.0/24.
(Optional) In the Ports field, enter one or more ports to exclude. For example, 443, 5533-5632, or 433, 3389.
Click Add.
Add multiple scan exclusion entries using a CSV file:
Click Import.
Find, and then select the CSV file that contains the IP address and port exclusions.
Note:
The CSV file can include a mix of individual IP addresses, IP address ranges, and CIDR blocks. Optionally, it can also contain ports.
If you are using a Microsoft Excel CSV file, make sure each scan exclusion entry is on a separate table row. IP addresses must be in the first column, and ports must be in the second column aligned with the corresponding IP address row. Do not include column headings. For example:
If you are using a plain text CSV file, make sure each scan exclusion entry is on a separate line. For example:
This button is not available if the scanner is offline.
Note: If an error occurs, replace individual IP addresses and ports with ranges where possible. If you continue to have issues, please contact your Concierge Security® Team (CST).
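A pre-import check for the CSV file described above, as an added example that is not part of the original documentation or the vendor's tooling. It assumes IPv4 only, a ports column that is quoted when it holds a comma-separated list, and that two entries count as duplicates when they cover the same address span (so 10.0.0.1 and 10.0.0.1/32 collide); the function names are hypothetical.

```python
import csv, io, ipaddress

def parse_target(text):
    """Return (first, last) IPv4 address for a host, dash range, or CIDR block."""
    text = text.strip()
    if "-" in text:
        lo, hi = (ipaddress.IPv4Address(p.strip()) for p in text.split("-", 1))
        if lo > hi:
            raise ValueError(f"range start is after range end: {text}")
        return lo, hi
    net = ipaddress.IPv4Network(text)  # bare host parses as /32; set host bits raise
    return net[0], net[-1]

def parse_ports(text):
    """Return (low, high) pairs from a ports field such as '443, 5533-5632'."""
    pairs = []
    for item in filter(None, (p.strip() for p in text.split(","))):
        lo, _, hi = item.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 1 <= lo <= hi <= 65535:
            raise ValueError(f"bad port or port range: {item}")
        pairs.append((lo, hi))
    return pairs

def check_exclusions(csv_text, existing=()):
    """Return (accepted, errors); `existing` holds entries already on the list."""
    seen = {parse_target(e) for e in existing}
    accepted, errors = [], []
    for line_no, row in enumerate(csv.reader(io.StringIO(csv_text)), start=1):
        if not any(cell.strip() for cell in row):
            continue  # skip blank lines
        try:
            span = parse_target(row[0])
            ports = parse_ports(",".join(row[1:]))  # quoted or unquoted port lists
            if span in seen:
                raise ValueError(f"duplicate entry: {row[0].strip()}")
        except ValueError as exc:
            errors.append((line_no, str(exc)))  # header rows also land here
            continue
        seen.add(span)
        accepted.append((row[0].strip(), ports))
    return accepted, errors

# Constructed sample file: address in the first column, ports in the second.
SAMPLE = '''10.171.154.110,443
10.173.100.34-10.173.241.10
10.174.15.0/24,"443, 5533-5632"
10.171.154.110/32,3389
IP Address,Ports'''
```

Pass the entries already shown on the Scan Exclusion tab as `existing` so that collisions with the current list are reported before the import is attempted.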
Edit an IP address or port in the Scan Exclusion List