Cortex Xpanse identifies Remote Attack Surface asset types.
Using the device data from Cortex XDR or GlobalProtect, Cortex Xpanse identifies the following Remote Attack Surface asset types:
Workforce Device—Device on which the XDR agent is installed. All Workforce Devices have a public IP address that is either part of a Remote Network or, if the public IP address overlaps with your organization’s asset map, a Corporate Network. Cortex Xpanse categorizes Workforce Devices as Assets.
Network—A Network is a collection of Workforce Devices that share a Public IP address. Devices cannot belong to more than one Network at a time; however, devices can move from one Network to another. A Network can be either Corporate or Remote depending on whether the Public IP address of the Network overlaps with any of the organization’s other assets. Cortex Xpanse categorizes Networks as Assets.
Corporate Network—A Corporate Network is a type of Network that includes all devices that connect to the Internet through a public IP address that is owned or managed by the organization, including Remote Devices connected to the VPN. Ownership of the IP address is inferred by the overlap between a Network and other assets in Xpanse.
Remote Network—A Remote Network is a type of Network in which all devices connect to the Internet through a public IP address that is not owned or managed by your organization. An example of a Remote Network is an employee using their home ISP connection without connecting to the VPN.