1

I am just wonder if I have a mirror/identical (high availability server) server in my CDE segment, is that mirror server need be in scanning scope?

If it is not in the scope, in the scanning report do I need to have a special note or remark on that particular server to show that it is a mirror server of XX server.

overshadow
  • 351
  • 3
  • 5
  • 17
  • I don't know the answer, but why would you think it *isn't* equally in scope? – Bobson Sep 13 '17 at 11:13
  • I am just thinking to cut cost, if it is the identical server maybe we can ignore the scanning for this mirror server (secondary server) and just proceed to scan only the primary server. Not sure it is doable. – overshadow Sep 13 '17 at 18:45

1 Answers1

3

Yes, the mirror server must be scanned and listed separately in your asset inventory. Identical in technology is never truly identical. All you need is to miss one patch or miss one configuration item on one of the servers.

waltonob
  • 399
  • 2
  • 9