Activate the Network Mapper - Administrator Guide - Cortex XDR - Cortex - Security Operations

Cortex XDR Pro Administrator Guide

Cortex XDR
Creation date
Last date published
Administrator Guide

Learn more about activating the Network Mapper to scan your network.


After you have configured and registered your Broker VM, you can choose to activate the Network Mapper application.

The Network Mapper allows you to scan your network to detect and identify unmanaged hosts in your environment according to defined IP address ranges. The Network Mapper configurations are used to locate unmanaged assets that appear in the Assets table.


Activating the Network Mapper requires a Cortex XDR Pro per Endpoint or Cortex XDR Pro per GB license.

  1. Select SettingsConfigurationsData BrokerBroker VMs.

  2. In either the Brokers tab or the Clusters tab, locate your Broker VM.

  3. You can either right-click the Broker VM and select Add AppNetwork Mapper, or in the APPS column, left-click AddNetwork Mapper.

  4. In the Activate Network Mapper window, define the following parameters:

  5. Activate the applet.

    After a successful activation, the APPS field displays Network Mapper with a green dot indicating a successful connection.

  6. In the APPS field, left-click the Network Mapper connection to view the following scan and applet metrics:

  7. Manage the Network Mapper.

    After the network mapper has been activated, left-click the Network Mapper connection in the APPS column to display the Network Mapper settings, and select:

    • Configure to redefine the network mapper configurations.

    • Scan Now to initiate a scan.

    • Deactivate to disable the network mapper.