Before you install a sensor on a computer in your network, verify the computer meets the minimum hardware and software requirements. DigiCert sensors also have deployment and network requirements that must be met before you run your first scan.
To successfully configure a sensor, the host names for the sensor’s host device must be resolvable. For example, to resolve the host name on a Red Had Enterprise Linux server, you add it to /etc/hosts (for non-standard configurations).
The sensor host must be able to access the CertCentral cloud service and your targeted IP address.
CertCentral cloud service
Sensors must be able to communicate with CertCentral cloud to receive instructions on when to run scans and to send inventory updates when new certificates are discovered.
Target IP addresses
The firewall rules or Access Control Lists must allow the sensor to reach the target IP addresses you want scanned.
Proxy server communications
For a scan to run successfully, its sensor must be able to communicate with the CertCentral cloud service to receive instructions associated with certificate discovery and to report on certificate inventory updates. See Configure a sensor to use a proxy server for communications.
The proxy configuration for the sensor enables the sensor to communicate with CertCentral cloud service. The proxy configuration is not for enabling the sensor to scan a host.
Install the sensor where it can access the fully qualified domain names (FQDNs) and IP addresses you want scanned. We recommend installing one sensor per uninterrupted network segment.
You only need additional sensors if your network:
Additional sensors may also be useful when scanning a large number of IP addresses and ports. Splitting large IP ranges across multiple scans allows you to decrease the impact of scans on your network resources and to complete scans more quickly.
DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.
©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.