I have to admit first off that I'm unfamiliar with the concept of Unix Estates, Global Zones and Child Zones. In fact I'm not sure you are in the right forum. Which product are you using for your scanning, McAfee Vulnerability Manager, formally Foundstone?
If you are using McAfee Vulnerability Manager I can confirm that we can scan anything with an IP Address. We don't use the concept of zones though in our scanning. Let me know what product you are using and I'll see what I can do to help you.
I am using the McAfee Foundstone 6.5 scanners. I have quite a large deployment - 2 x fs1000 and 4 x fs850.
Solaris 10 allows you to build "vm" hosts (containers) on a platform - Global Zone. When we scan the Global Zone and its VM hosts we encounter the problem. For example we input 2 vm ips and the report returns 2 hosts with the same IP addresses. When we scan only the Global Zones - we encounter no issues. When we scan 1 Global Zone and 8 VM hosts we may get 4 hosts / results returned - Let me know if I need to attach any reports etc,
When you scan a Global Zone do all of the VM targets have a unique IP Addresses that can be directly reached by the scanner?
Does each VM have a unique MAC address?
My guess is that either their is an issue with the Asset Identification rules or the VM's being scanned are not returning unique information (MAC, IP Address).
My suggestion is to open a service request for this issue.
For contact details:
- Go to: http://www.mcafee.com/us/about/contact/index.html
- Non-US customers - select your country from the list of Worldwide Offices.
Log in to the ServicePortal at: https://mysupport.mcafee.com:
- If you are a registered user, type your User Id and Password and click OK.
- If you are not a registered user, click New User and complete the required fields. Your password and login instructions will be emailed to you.