Pre-requisites
-
The candidate appliance is set up Deploy and configure virtual appliance(s).
-
Endpoint Targets Subnet(s)/IP(s)/IP Range(s) are identified and listed.
-
Credentials to use in the scan job are available.
Creating a new scan Job
-
In the main menu, click Discovery > Scan Jobs
-
In the top right corner, click the Plus (+) symbol
-
Give the scan job a unique name
-
Optionally provide a description of the scan job
-
Click "Create new scan job"
Select scan job type
On the scan type tab, specify the scan type based on what you are trying to achieve with the scan. With the exception of a credential-less scan, all other scan types provide the same discovery data.
The following scan types are available:
-
Sequential (recommended for most use cases):
-
Application
-
Neighborhood
-
Credential-less
Refer to Scan Job Types article for detailed information about the various scan job types.
Set the scan details
Navigate to the "Scan Details" Tab
-
Select the appliance you wish to use for this scan job.
-
Optionally, set the location. - This will automatically populate the location field on any targets discovered by this scan job with this value
-
Optionally set any advanced configuration options in the "Enablings" field.
-
Set the maximum duration of this scan to run (hours).
Please ensure that the appliance you have selected for the scan job has network access to your intended scan targets
The maximum duration sets a timeout for the entire scan job. If the scan job has not been completed within the configured time, it will be automatically terminated.
Add an existing scope to a scan job
On the scopes tab:
-
In the list of scopes, check the box beside the scope you want to include.
-
Click Update in the top right corner.
Note: To create a new Scan Scope refer to Creating a Scan Scope
You can also create a new Scan Scope(s) using the Scan Job creation wizard
-
On the scopes tab Click "Create New Scope"
-
Give the scope a name
-
Give it a description
-
Select the scope type (Explained Below)
-
Click Continue
Scope Type: Depending on if you are trying to scan an on-prem environment or a public cloud environment, there is a different approach to setting the scan scope. What would you like to do?
-
Private Network
-
Amazon
-
Azure
-
Google Cloud Platform
Add Exclusions
An exclusion is a scope (Target IPs) that you want to exclude or avoid scanning. By using this step, you can add a list of target IPs that you would like to avoid scanning. You can either choose an existing exclusion from the list which you have already created or create a new exclusion similar to creating a new scope.
Note: Exclusions are particularly useful when you are scanning a subnet of IPs or when the scan type is Application or Neighborhood.
Choose one or more Keychain(s)
In the Keychains tab, select any existing keychain to be used for the scan which adds the required credentials for scanning the chosen scope, and then, click update.
Note: To create a new Key-Chain refer to Adding Keychains.
Add schedule
On the last page of the scan job window, you have the option to add a schedule to your scan job. You can set a schedule to repeat the scans at a particular time. Here, you have two options:
-
Don't schedule scan job - You can start\run the scan job when needed.
-
Schedule scan job - setting a schedule runs the scan job periodically.
Once the Scan Job is configured, you can also manually trigger the same Executing a Scan Job.