Pre-requisites
-
The candidate appliance is set up Deploy and configure virtual appliance(s).
-
Endpoint Targets Subnet(s)/IP(s)/IP Range(s) are identified and listed.
-
Credentials to use in the scan job are available.
Creating a new scan Job
-
In the main menu, click Discovery > Scan Jobs
-
In the top right corner, click the Plus (+) symbol
-
Give the scan job a unique name
-
Optionally provide a description of the scan job
-
Click "Create new scan job"
Select scan job type
On the scan type tab, specify the scan type based on what you are trying to achieve with the scan. With the exception of a credential-less scan, all other scan types provide the same discovery data.
The following scan types are available:
-
Sequential (recommended for most use cases):
-
Application
-
Neighborhood
-
Credential-less
Refer to Scan Job Types article for detailed information about the various scan job types.
Set the scan details
Navigate to the "Scan Details" Tab
-
Select the appliance you wish to use for this scan job.
-
Optionally, set the location. - This will automatically populate the location field on any targets discovered by this scan job with this value
-
Optionally set any advanced configuration options in the "Enablings" field.
-
Set the maximum duration of this scan to run (hours).
Please ensure that the appliance you have selected for the scan job has network access to your intended scan targets
The maximum duration sets a timeout for the entire scan job. If the scan job has not been completed within the configured time, it will be automatically terminated.
Add an existing scope to a scan job
On the scopes tab:
-
In the list of scopes, check the box beside the scope you want to include.
-
Click Update in the top right corner.
Note: To create a new Scan Scope refer to Creating a Scan Scope
You can also create a new Scan Scope(s) using the Scan Job creation wizard
-
On the scopes tab Click "Create New Scope"
-
Give the scope a name
-
Give it a description
-
Select the scope type (Explained Below)
-
Click Continue
Scope Type: Depending on if you are trying to scan an on-prem environment or a public cloud environment, there is a different approach to setting the scan scope. What would you like to do?
-
Private Network
-
Amazon
-
Azure
-
Google Cloud Platform
Add Exclusions
An exclusion is a scope (Target IPs) that you want to exclude or avoid scanning. By using this step, you can add a list of target IPs that you would like to avoid scanning. You can either choose an existing exclusion from the list which you have already created or create a new exclusion similar to creating a new scope.
Note: Exclusions are particularly useful when you are scanning a subnet of IPs or when the scan type is Application or Neighborhood.
Choose one or more Keychain(s)
In the Keychains tab, select any existing keychain to be used for the scan which adds the required credentials for scanning the chosen scope, and then, click update.
Note: To create a new Key-Chain refer to Adding Keychains.
Add schedule
On the last page of the scan job window, you have the option to add a schedule to your scan job. You can set a schedule to repeat the scans at a particular time. Here, you have two options:
-
Don't schedule scan job - You can start\run the scan job when needed.
-
Schedule scan job - setting a schedule runs the scan job periodically.
The scheduling page associated with the scan job is a time-based job scheduler. It allows users to schedule and automate the execution of jobs at specified time intervals or dates. The scheduler is similar is to the standard cron functionality provided with most *nix systems.
-
Time periods within a single day (period set for minutes or hours) are specified as intervals within a single day e.g. an interval that specifies “repeat every 4 hours at minute 01 starting at 10am” means that the job will be scheduled at 10am, 2pm, 6pm, 10pm. Once the time hits 00:00, the scheduler resets and will not run until 10am the following day.
-
The scheduler supports execution on both day and month periods but these typically only apply to a single time in a day.
Once the Scan Job is configured, you can also manually trigger the same Executing a Scan Job.