Pre-requisites
-
The candidate appliance is set up Deploy and configure virtual appliance(s).
-
Endpoint Targets Subnet(s)/IP(s)/IP Range(s) are identified and listed.
-
Credentials to use in the scan job are available.
Creating a new scan Job
-
In the main menu, click Discovery > Scan Jobs
-
In the top right corner, click the Plus (Create Scan job) button
-
Give the scan job a unique name
-
Optionally provide a description of the scan job
-
Click "Create new scan job"
Select scan job type
On the scan type tab, specify the scan type based on what you are trying to achieve with the scan. With the exception of a credential-less scan, all other scan types provide the same discovery data.
The following scan types are available:
-
Sequential (recommended for most use cases):
-
Application
-
Neighborhood
-
Credential-less
Refer to Scan Job Types article for detailed information about the various scan job types.
Set the scan details
Navigate to the "Scan Details" Tab
-
Select the appliance you wish to use for this scan job.
-
Optionally, set the location. - This will automatically populate the location field on any targets discovered by this scan job with this value
-
Optionally set any advanced configuration options in the "Enablings" field.
-
Set the maximum duration of this scan to run (hours).
- Save Changes
Please ensure that the appliance you have selected for the scan job has network access to your intended scan targets
The maximum duration sets a timeout for the entire scan job. If the scan job has not been completed within the configured time, it will be automatically terminated.
Add an existing scope to a scan job
On the scopes tab:
-
In the list of scopes, check the box beside the scope you want to include.
-
Click Update "Scan job name" scopes above the scopes listed.
If scope not listed you need to create a new Scan Scope(s) using the Scope creation wizard
Add Exclusions
An exclusion is a scope (Target IPs) that you want to exclude or avoid scanning. By using this step, you can add a list of target IPs that you would like to avoid scanning. You can either choose an existing exclusion from the list which you have already created or create a new exclusion similar to creating a new scope.
Note: Exclusions are particularly useful when you are scanning a subnet of IPs or when the scan type is Application or Neighbourhood.
Choose one or more Keychain(s)
In the Keychains tab, select any existing keychain to be used for the scan which adds the required credentials for scanning the chosen scope, and then, click update "scan job name" Keychains.
Note: To create a new Key-Chain refer to Adding Keychains.
Add schedule
On the last page of the scan job window, you have the option to add a schedule to your scan job. You can set a schedule to repeat the scans at a particular time. Here, you have two options:
-
Don't schedule scan job - You can start\run the scan job when needed.
-
Schedule scan job - setting a schedule runs the scan job periodically.
The scheduling page associated with the scan job is a time-based job scheduler. It allows users to schedule and automate the execution of jobs at specified time intervals or dates. The scheduler is similar is to the standard cron functionality provided with most *nix systems.
-
Time periods within a single day (period set for minutes or hours) are specified as intervals within a single day e.g. an interval that specifies “repeat every 4 hours at minute 01 starting at 10am” means that the job will be scheduled at 10am, 2pm, 6pm, 10pm. Once the time hits 00:00, the scheduler resets and will not run until 10am the following day.
-
The scheduler supports execution on both day and month periods but these typically only apply to a single time in a day.
Once the Scan Job is configured, you can also manually trigger the same Executing a Scan Job.