Hi all,
my apologies if the question is very basic. I was asked to check if CP could monitor, for objectives of compliance, open ports on the devices and send reports in case we have deviation from pre-defined baselines.
I guess CP might only run, in case, a sort of netstat on each device and check if some daemons run on specific ports. Of course, from my understanding, it cannot launch a true TCP/UDP port-scanning and check the packets it gets or it doesn't get as a normal scan SW may do.
Am I correct with my reasoning or it's a no way?
In case, may DNAC play this role of checking the complaince from the point of view of open ports?
TIA,
Gio