There are a few best practices that can be followed in order to have a smooth and efficient scanning of the environment. They will help in running the scans efficiently and getting the desired output sooner.
Follow the article to find out some of the best practices that can be followed while scanning.
Scope size best practice
-
Scope size for an appliance: It is a good practice to have not more than 500 servers\IPs to run by a single appliance.
-
Range Lengths: In a Scan Scope, IP Range up to 32k is supported. In the case there are more than 500 IPs to scan, it is recommended to split it and get it distributed on multiple appliances. This helps in faster scanning, reducing the load on the appliance.
Scheduling best practice
-
To discover new endpoints and keep up to date with the existing ones, it is recommended to run scan jobs at regular intervals. The Scan Jobs can be scheduled to run repeatedly at specified intervals. Available scheduling options are Minutes, Hours, Days, and Months. San frequency could be based on:
-
The size of the scan scope(s).
-
Dynamicity of your infrastructure (endpoints and applications).
-
-
To avoid multiple jobs queuing or waiting to scan, the scan schedules should be adjusted to ensure a gap between different scheduled jobs. For optimal configuration, you could calculate the length of each scan job, before setting up schedules. That way you can schedule the jobs that don’t overlap.
Example: if a scan job takes 2 hours, schedule the other scan jobs at alternate times.