Initiating a Managed Devices Scan

From the CERT+ menu, under CERTIFICATE DISCOVERY, select Discovery > Managed Devices Scan.

The Discovery : Managed Devices Scan : Add Discovery page is displayed.

To initiate a network certificate discovery scan, enter/select the Discover Details.

To specify the frequency at which the certificate discovery scan will be triggered, select the Discovery Run Type.

Table 1. Discovery run type options
Frequency Type	Description
On-demand	The certificate discovery scan will be triggered manually by the user as and when required.
Scheduled	The certificate discovery scan will be triggered automatically at the specified time and date.

Enter/Select the details for initiating an on-demand managed devices certificate discovery scan.

Table 2. Field descriptions for **on-demand** discovery
Frequency Type	Description
Discovery Instance Name	Enter a name for the discovery instance.
Description	Enter additional details related to the discovery option. Note: Character limit: 2000 characters

OR

Enter/Select the details for initiating a scheduled managed devices certificate discovery scan.

Table 3. Field descriptions for **scheduled** discovery
Frequency Type	Description
Discovery Instance Name	Enter a name for the discovery instance.
Description	Enter additional details related to the discovery option. Note: Character limit: 2000 characters
Occurrence Type	From the dropdown list, from the following options, select an occurrence frequency: Daily Weekly Monthly Yearly
*Repeat On	Note: This field is displayed only when Occurrence Type = Weekly. Select the checkbox corresponding to the day of the week on which you want the discovery occurrence to repeat.
*Starts On	Click (Calendar widget) to select a date to start the scheduled discovery.
*Ends	From the following options, select when the scheduled discovery is to end: Never: Discovery never stops. After : Discovery stops after the number of occurrences specified in the text field. On: Discovery stops on the date selected using the calendar widget .
Summary	Displays a summary of the selections made for scheduled discovery

In the Discover By section, from the Discovery From dropdown list, select the source for the certificate discovery.

Managed ADCs

Table 4. Instruction for discovering certificates from Managed ADCs
Field	Description
*Discovery From	From the dropdown list, from the following options, select the source of the discovery: Managed ADCs Managed Servers Managed MDMs Managed Firewalls Managed WAFs Internal
Devices window	A list of all the managed devices is displayed in the devices window. Select devices to discover certificates from. The devices window has the following option: Add as Favorites: You can mark your frequently used devices as favorites. All: Select this to see the complete list of devices (unfiltered). Selected: Select this to list only the selected devices. Unselected: Select this to list only the unselected devices. Delete: Delete the required devices from the favorites list.
Execute Batches Sequentially	To execute the discovery operation on the specified batches sequentially, select this checkbox.
*Interval Between Batches	If Execute Batches Sequentially is selected, enter a interval duration (in minutes) in this field. The sequential execution of the batches is spaced according to the interval value entered hee.
*Discovery Type	Note: This field is hidden when Discovery From = Managed MDMs/Managed Firewalls/Managed WAFs From the following options, select one: All Certificates: Select this to discover all certificates. Certificates in Use: Select this to discover only those certificates that are associated with a service.
*Directories to Scan	Note: This field is displayed only when Discovery From = Managed Servers/Internal From the following options, select one: Default: Select this to discover certificates from the default configuration directory. Custom: Select this to discover certificates from a custom configuration directory defined by the user.
Directory Name	If Directories to Scan = Custom, enter the name of the custom configuration directory in this field and click Add.

Managed Servers

Table 5. Instruction for discovering certificates from Managed Servers
Field	Description
*Discovery From	From the dropdown list, from the following options, select the source of the discovery: Managed ADCs Managed Servers Managed MDMs Managed Firewalls Managed WAFs Internal
Devices window	A list of all the managed devices is displayed in the devices window. Select devices to discover certificates from. The devices window has the following option: Add as Favorites: You can mark your frequently used devices as favorites. All: Select this to see the complete list of devices (unfiltered). Selected: Select this to list only the selected devices. Unselected: Select this to list only the unselected devices. Delete: Delete the required devices from the favorites list.
Execute Batches Sequentially	To execute the discovery operation on the specified batches sequentially, select this checkbox.
*Interval Between Batches	If Execute Batches Sequentially is selected, enter a interval duration (in minutes) in this field. The sequential execution of the batches is spaced according to the interval value entered hee.
*Discovery Type	Note: This field is hidden when Discovery From = Managed MDMs/Managed Firewalls/Managed WAFs From the following options, select one: All Certificates: Select this to discover all certificates. Certificates in Use: Select this to discover only those certificates that are associated with a service.
*Directories to Scan	Note: This field is displayed only when Discovery From = Managed Servers/Internal From the following options, select one: Default: Select this to discover certificates from the default configuration directory. Custom: Select this to discover certificates from a custom configuration directory defined by the user.
Directory Name	If Directories to Scan = Custom, enter the name of the custom configuration directory in this field and click Add.

Managed MDMs

Table 6. Instruction for discovering certificates from Managed MDMs
Field	Description
*Discovery From	From the dropdown list, from the following options, select the source of the discovery: Managed ADCs Managed Servers Managed MDMs Managed Firewalls Managed WAFs Internal
Devices window	A list of all the managed devices is displayed in the devices window. Select devices to discover certificates from. The devices window has the following option: Add as Favorites: You can mark your frequently used devices as favorites. All: Select this to see the complete list of devices (unfiltered). Selected: Select this to list only the selected devices. Unselected: Select this to list only the unselected devices. Delete: Delete the required devices from the favorites list.
Execute Batches Sequentially	To execute the discovery operation on the specified batches sequentially, select this checkbox.
*Interval Between Batches	If Execute Batches Sequentially is selected, enter a interval duration (in minutes) in this field. The sequential execution of the batches is spaced according to the interval value entered hee.
*Discovery Type	Note: This field is hidden when Discovery From = Managed MDMs/Managed Firewalls/Managed WAFs From the following options, select one: All Certificates: Select this to discover all certificates. Certificates in Use: Select this to discover only those certificates that are associated with a service.
*Directories to Scan	Note: This field is displayed only when Discovery From = Managed Servers/Internal From the following options, select one: Default: Select this to discover certificates from the default configuration directory. Custom: Select this to discover certificates from a custom configuration directory defined by the user.
Directory Name	If Directories to Scan = Custom, enter the name of the custom configuration directory in this field and click Add.

Managed Firewalls

Table 7. Instruction for discovering certificates from Managed Firewalls
Field	Description
*Discovery From	From the dropdown list, from the following options, select the source of the discovery: Managed ADCs Managed Servers Managed MDMs Managed Firewalls Managed WAFs Internal
Devices window	A list of all the managed devices is displayed in the devices window. Select devices to discover certificates from. The devices window has the following option: Add as Favorites: You can mark your frequently used devices as favorites. All: Select this to see the complete list of devices (unfiltered). Selected: Select this to list only the selected devices. Unselected: Select this to list only the unselected devices. Delete: Delete the required devices from the favorites list.
Execute Batches Sequentially	To execute the discovery operation on the specified batches sequentially, select this checkbox.
*Interval Between Batches	If Execute Batches Sequentially is selected, enter a interval duration (in minutes) in this field. The sequential execution of the batches is spaced according to the interval value entered hee.
*Discovery Type	Note: This field is hidden when Discovery From = Managed MDMs/Managed Firewalls/Managed WAFs From the following options, select one: All Certificates: Select this to discover all certificates. Certificates in Use: Select this to discover only those certificates that are associated with a service.
*Directories to Scan	Note: This field is displayed only when Discovery From = Managed Servers/Internal From the following options, select one: Default: Select this to discover certificates from the default configuration directory. Custom: Select this to discover certificates from a custom configuration directory defined by the user.
Directory Name	If Directories to Scan = Custom, enter the name of the custom configuration directory in this field and click Add.

Managed WAFs

Table 8. Instruction for discovering certificates from Managed WAFs
Field	Description
*Discovery From	From the dropdown list, from the following options, select the source of the discovery: Managed ADCs Managed Servers Managed MDMs Managed Firewalls Managed WAFs Internal
Devices window	A list of all the managed devices is displayed in the devices window. Select devices to discover certificates from. The devices window has the following option: Add as Favorites: You can mark your frequently used devices as favorites. All: Select this to see the complete list of devices (unfiltered). Selected: Select this to list only the selected devices. Unselected: Select this to list only the unselected devices. Delete: Delete the required devices from the favorites list.
Execute Batches Sequentially	To execute the discovery operation on the specified batches sequentially, select this checkbox.
*Interval Between Batches	If Execute Batches Sequentially is selected, enter a interval duration (in minutes) in this field. The sequential execution of the batches is spaced according to the interval value entered hee.
*Discovery Type	Note: This field is hidden when Discovery From = Managed MDMs/Managed Firewalls/Managed WAFs From the following options, select one: All Certificates: Select this to discover all certificates. Certificates in Use: Select this to discover only those certificates that are associated with a service.
*Directories to Scan	Note: This field is displayed only when Discovery From = Managed Servers/Internal From the following options, select one: Default: Select this to discover certificates from the default configuration directory. Custom: Select this to discover certificates from a custom configuration directory defined by the user.
Directory Name	If Directories to Scan = Custom, enter the name of the custom configuration directory in this field and click Add.

Internal

Table 9. Instruction for discovering certificates from internal devices
Field	Description
*Discovery From	From the dropdown list, from the following options, select the source of the discovery: Managed ADCs Managed Servers Managed MDMs Managed Firewalls Managed WAFs Internal
Devices window	A list of all the managed devices is displayed in the devices window. Select devices to discover certificates from. The devices window has the following option: Add as Favorites: You can mark your frequently used devices as favorites. All: Select this to see the complete list of devices (unfiltered). Selected: Select this to list only the selected devices. Unselected: Select this to list only the unselected devices. Delete: Delete the required devices from the favorites list.
Execute Batches Sequentially	To execute the discovery operation on the specified batches sequentially, select this checkbox.
*Interval Between Batches	If Execute Batches Sequentially is selected, enter a interval duration (in minutes) in this field. The sequential execution of the batches is spaced according to the interval value entered hee.
*Discovery Type	Note: This field is hidden when Discovery From = Managed MDMs/Managed Firewalls/Managed WAFs From the following options, select one: All Certificates: Select this to discover all certificates. Certificates in Use: Select this to discover only those certificates that are associated with a service.
*Directories to Scan	Note: This field is displayed only when Discovery From = Managed Servers/Internal From the following options, select one: Default: Select this to discover certificates from the default configuration directory. Custom: Select this to discover certificates from a custom configuration directory defined by the user.
Directory Name	If Directories to Scan = Custom, enter the name of the custom configuration directory in this field and click Add.

In the Discovery Rules section, from the Associate Rule dropdown list, select a rule that will be used to filter the discovered certificates.

A setof filters is combined to create a rule, from the Rules menu. The selection of rules will apply respective filters on discovered certificates.

In the After Discover section, enter/select the following details:

Table 10. Field descriptions for the **After Discover** section
Field	Description
*Move Certificate to Inventory with Status	Select from one of the following options: Do not move: The newly discovered certificates and their objects will not be moved to the inventory. Managed: The newly discovered certificates and their objects will be moved to the inventory with the status set to Managed. Monitored: The newly discovered certificates and their objects will be moved to the inventory with the status set to Monitored.
Use Access Control Rule	To apply the rule configured using Access Control, select this checkbox. Note: If this checkbox is enabled, the certificate group will be associated automatically by the rule in access control.
*Certificate Group	From rthe dropdown list, select a certificate group to which the discovered certificates will be associated. Based on the group association, a policy will also be applied to these certificates, which will help ascertain compliance or non-compliance.

Click Discover/Schedule to trigger the on-demand/scheduled discovery, respectively.