Chapter 14 Managing Devices for FortiOS 5.0 : Vulnerability Scan : Configuring vulnerability scans
  
Configuring vulnerability scans
You can configure the scan schedule and the assets to be scanned.
To configure scanning - web-based manager
1. Go to User & Device > Vulnerability Scan > Scan Definition.
2. Beside Schedule select Change to set the scan schedule and mode:
Recurrence
Select Daily, Weekly, or Monthly and configure the details for the option you have selected.
Suspend Scan between
Set a time during which the scan should be paused if it's running.
Vulnerability Scan Mode
Quick — check only the most commonly used ports
Standard — check the ports used by most known applications
Full — check all TCP and UDP ports
For a detailed list of the TCP and UDP ports examined by each scan mode, see Table 93.
3. Select Apply to save the schedule and scan type.
4. Select Create New under Asset Definitions to select the devices on the network to scan.
An asset can be a single server or workstation computer on your network or a range of addresses on your network. You must add assets to the vulnerability scan before you can run a scan.
To scan an entire network or part of a network, add the appropriate IP address range to the asset configuration. You can also add the IP addresses of Windows and Linux computers and include the user names and passwords for these machines. The vulnerability scanner uses these credentials to log into the computers and perform more detailed vulnerability scanning.
Even if the asset is an address range, you can add Windows and Linux credentials. The vulnerability scanner will attempt to log into all network devices it finds using these credentials.
5. Enter the following information and select OK:
 
Name
Enter a name for this asset.
Type
Select IP Address to add a single IP address.
Select Range to add a range of IP addresses to scan.
IP Address
Enter the IP address of the asset. (Type is IP Address.)
Range
Enter the start and end of the IP address range. (Type is Range.)
Enable Scheduled Vulnerability Scanning
Select to allow this asset to be scanned according to the schedule. Otherwise the asset is not scanned during a scheduled vulnerability scan.
Windows Authentication
Select to use authentication on a Windows operating system. Enter the username and password in the fields provided.
Unix Authentication
Select to use authentication on a Unix operating system. Enter the username and password in the fields provided.
6. Select Apply to save the configuration.
To configure scanning - CLI
For example, to configure a standard scan to be performed every Sunday at 2:00 am, you would enter:
config netscan settings
    set scan-mode standard
    set schedule enable
    set time 02:00
    set recurrence weekly
    set day-of-week sunday
end
To add an asset - CLI
This example adds a single computer to the Asset list:
config netscan assets
    edit 0
        set name "server1"
        set addr-type ip
        set start-ip 10.11.101.20
        set auth-windows enable
        set win-username admin
        set win-password zxcvbnm
        set scheduled enable
end
This example adds an address range to the Asset list. Authentication is not used:
config netscan assets
    edit 0
        set name "fileservers"
        set addr-type range
        set start-ip 10.11.101.160
        set end-ip 10.11.101.170
        set scheduled enable
end
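The following is an added example, not part of the FortiOS documentation: a Python check over netscan asset definitions that reports, for each asset with authentication enabled, how many addresses the scanner will offer those credentials to. The sample configuration is constructed, and treating any enabled key that starts with auth- as an authentication toggle is an assumption.

```python
import ipaddress

# Constructed sample in the CLI syntax shown above (names and addresses are illustrative).
SAMPLE = """\
config netscan assets
    edit 1
        set name "server1"
        set addr-type ip
        set start-ip 10.11.101.20
        set auth-windows enable
    next
    edit 2
        set name "fileservers"
        set addr-type range
        set start-ip 10.11.101.160
        set end-ip 10.11.101.170
        set auth-windows enable
    next
end
"""

def parse_assets(cli_text):
    """Return one dict of 'set' values per entry in 'config netscan assets' blocks."""
    assets, entry, in_block = [], None, False
    for line in cli_text.splitlines():
        tok = line.split()
        if tok[:3] == ["config", "netscan", "assets"]:
            in_block = True
        elif in_block and tok[:1] == ["edit"]:
            entry = {}
        elif entry is not None and tok[:1] == ["set"] and len(tok) >= 3:
            entry[tok[1]] = " ".join(tok[2:]).strip('"')
        elif in_block and tok[:1] in (["next"], ["end"]):
            if entry is not None:  # an entry may be closed by 'next' or by 'end' alone
                assets.append(entry)
                entry = None
            in_block = tok[0] != "end"
    return assets

def credential_exposure(assets):
    """(name, address count) per asset with an auth-* key enabled (assumed naming)."""
    out = []
    for a in assets:
        if not any(k.startswith("auth-") and v == "enable" for k, v in a.items()):
            continue
        first = ipaddress.ip_address(a["start-ip"])
        last = ipaddress.ip_address(a["end-ip"]) if a.get("addr-type") == "range" else first
        out.append((a.get("name", ""), int(last) - int(first) + 1))
    return out
```

Running credential_exposure(parse_assets(...)) over the asset section of a saved configuration shows which range assets hand the scan account's credentials to every responding address, so those ranges can be narrowed or given a dedicated low-privilege scan account.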