Cloudhouse Guardian currently supports scanning, reporting, comparing, and tracking changes for the following services and node types. Agentless scanning is enabled by using one of our connection managers. We have both an SSH connection manager and a Windows connection manager. All Guardian instances (cloud and appliance) ship with an on-board SSH connection manager. If you are able to accept inbound SSH connections to your target nodes you can make use of it. Multiple connection managers can be used in an environment to provide load balancing and redundancy.


Server 2016, Server 2012, 2012 R2, Server 2008, 2008 R2, Windows 10, Windows Vista, Windows 7, Windows 8, Windows 8.1.

Windows nodes can be scanned using an agent (installed on each endpoint) or agentless using WinRM and a connection manager. See deployment example below.


Linux / Unix / OS X

Ubuntu, Debian, CentOS, RedHat / RHEL, Fedora, CoreOS, VMware ESX / vSphere, Citrix Xenserver, CloudLinux, Amazon Linux, Oracle Linux, Arch Linux, Solaris, SUSE, AIX, FreeBSD, OS X.

Linux nodes can be scanned using an agent or agentless using SSH. All Guardian instances (cloud and appliance) ship with an on-board SSH connection manager which can be used. See deployment example below.


Alternatively, a satellite SSH connection manager is available and can be deployed behind the firewall.


Network Devices

ArubaOS, Arista DCS, EOS, Cisco IOS, Cisco NX-OS, Cisco ASA, Cisco FWSM, Cisco CATOS, Cisco ACE, Citrix NetScaler, F5 BigIP, F5 Linerate, HP Comware, HP Procurve, Juniper JunOS, Juniper ScreenOS, Palo Alto Networks Firewalls, Riverbed Steelhead, Riverbed CMC.

Network devices can be scanned using SSH like normal linux nodes. We have configuration parsers that support the scanning of a wide range of network devices straight out of the box. An SSH connection manager can also be used to scan network devices. Refer to the linux connection manager deployment examples above.


Microsoft SQL, MySQL, Oracle, Postgres.

Databases are scanned using the Windows connection manager which will connect to databases using ODBC. The relevant database drivers will need to be installed on the connection manager virtual machine. Refer to the Windows connection manager deployment examples above.

Cloud Apps and Services

Amazon Web Services (AWS), Azure, CloudFlare, Salesforce, Google Cloud Platform (GCP), GitHub Repositories and Accounts, Office 365 Exchange, Kubernetes API

Most cloud apps are scanned using the SSH connection manager. Azure and Office 365 Exchange are however scanned using the Windows connection manager. Please refer to the corresponding connection manager deployment examples above.

What if my Device, OS or Application isn’t supported?

Directory and File Scanning

If you have an application that stores its entire configuration inside a single file or directory of files, then you can make use of the Linux Directory or Windows Directory node types. These node types allow you to specify a particular folder or list of patterns of folders, using scan options, and the entire contents of the resulting node scan will comprise entirely of the file settings and content. The connection method for Linux and Windows Directory node types is identical to Windows and Linux node types, respectively. If you require directory and file scanning on an OS other that Windows or Linux, please contact Guardian Support and we can consider adding this additional directory node type.

Alternatively, if you have a device or application that is not supported by Cloudhouse Guardian, but it is easy for you to export the configuration into some sort of output into a file, then we can also assist in setting up an automated process to export configuration to a known location and then scan the contents of those files as a Directory node type.

Pluggable Blueprints

Pluggable blueprints allow users to specify custom device or operating system node types of their own and define via code how to collect node scan data. Please contact Guardian Support to see if this feature meets your needs and we can enable and walk you through the technology in more detail.

Supporting a Device or OS

Depending on the connection method, node type and demand for new supported devices and services, new node types can be built into the product. Please contact Guardian Support or your Account Manager to discuss further.