Devices¶
Device inventory and management.
Device List¶
| Column | Description |
|---|---|
| Risk | Security risk level (color-coded) |
| IP | Network address |
| Hostname | DNS/NetBIOS name |
| Label | Your custom name |
| Vendor | OUI-based manufacturer |
| Zone | Network segment |
| Ports | Open port count |
Filters¶
Quick Filters¶
| Filter | Options | Use Case |
|---|---|---|
| Search | IP, hostname, MAC, vendor, label | Find specific device |
| Risk Level | Critical, High, Medium, Low, None | Focus on risky devices |
| Trusted | All, Trusted, Untrusted | Show/hide known devices |
| Zone | Your configured zones | Filter by segment |
Advanced Filters¶
Port Filtering
Find devices with specific ports open:
- Single port:
22 - Multiple ports:
80,443 - Port range:
8000-9000
Example: Filter by 22 to find all SSH servers.
Combining Filters
Filters stack together. For example:
- Zone:
IoT+ Risk:High= High-risk IoT devices - Search:
proxmox+ Ports:8006= Proxmox web interfaces
Quick Actions¶
Context menu () on each row:
| Action | Description |
|---|---|
| Copy IP | Copy IP to clipboard |
| Copy MAC | Copy MAC address |
| Scan Device | Run targeted scan |
| Toggle Trusted | Mark as trusted/untrusted |
| View Details | Open device detail page |
Device Details¶
Click any device to see the full detail page.
Info Tab¶
| Field | Description |
|---|---|
| IP Address | Current network address |
| MAC Address | Hardware address |
| Hostname | DNS/NetBIOS name |
| Vendor | Manufacturer (from OUI lookup) |
| OS | Operating system (if detected) |
| First Seen | When device was first discovered |
| Last Seen | Most recent scan appearance |
| Risk Score | Calculated security risk |
Ports Tab¶
| Field | Description |
|---|---|
| Port | Number and protocol (TCP/UDP) |
| State | open, filtered, closed |
| Service | Service name (ssh, http, etc.) |
| Product | Software name |
| Version | Software version |
Version Detection
For accurate version detection, run Normal or Intensive scans. Quick scans don't detect service versions.
Security Tab¶
| Section | Description |
|---|---|
| Threat Summary | Human-readable risk assessment |
| Risk Details | Breakdown of contributing factors |
| Recommendations | Actionable remediation steps |
| CVEs | Known vulnerabilities (if CVE integration enabled) |
Sample Threat Summary
This device has High risk due to exposed SMB service (port 445) and outdated SSH version. SMB is a common target for ransomware. Consider blocking external access and updating the SSH server.
Settings Tab¶
| Field | Description |
|---|---|
| Label | Friendly name (e.g., proxmox-01) |
| Zone | Network segment |
| Trusted | Mark as known/expected |
| Notes | Free-form notes |
Zones¶
Organize devices by function for easier management.
Suggested Zones¶
| Zone | Purpose | Examples |
|---|---|---|
| Servers | Infrastructure | NAS, hypervisors, Docker hosts |
| Network | Network equipment | Routers, switches, APs, firewalls |
| Workstations | User devices | Desktops, laptops |
| IoT | Smart devices | Cameras, thermostats, sensors |
| DMZ | Exposed services | Web servers, VPN endpoints |
| Management | Admin interfaces | IPMI, iLO, iDRAC |
| Storage | Storage devices | SAN, backup targets |
Custom Zones
Create your own zones in Settings Zones. Zone names are freeform.
Best Practices¶
Device Organization Workflow
- After first scan: Label all known devices
- Assign zones: Group by function
- Mark trusted: Reduce alert noise
- Add notes: Document purpose, owner, etc.
- Regular review: Check for unknown devices