TOC & Recently Viewed

Recently Viewed Topics

Advanced Settings

The Advanced settings provide increased control over scan efficiency and the operations of a scan, as well as the ability to enabled plugin debugging.

The Advanced Settings include the following sections:

Scan Type

The Scan Type setting appears for the following templates:

  • Basic Network Scan
  • Credentialed Patch Audit
  • Internal PCI Network Scan
  • Malware Scan
  • PCI Quarterly External Scan
  • Policy Compliance Auditing
  • SCAP and OVAL Auditing

All templates that include the Scan Type setting have the same options:

  • Default
  • Scan low bandwidth links
  • Custom

The Tenable.io interface provides descriptions of each option.

Note: When Custom is selected, the General section appears. The General section includes the settings that appear on the following table.

The following table includes the default values for the Advanced Network Scan template. Depending on the template you selected, certain default values may vary.

Setting Default Value Description
General Settings
Enable Safe Checks Enabled When enabled, disables all plugins that may have an adverse effect on the remote host.
Stop scanning hosts that become unresponsive during the scan Disabled When enabled, Tenable.io stops scanning if it detects that the host has become unresponsive. This may occur if users turn off their PCs during a scan, a host has stopped responding after a denial of service plugin, or a security mechanism (for example, an IDS) has started to block traffic to a server. Normally, continuing scans on these machines sends unnecessary traffic across the network and delay the scan.
Scan IP addresses in a random order Disabled

By default, Tenable.io scans a list of IP addresses in sequential order. When enabled, Tenable.io scans the list of hosts in a random order across the entire target IP space. This is typically useful in helping to distribute the network traffic during large scans.

Create unique identifier on hosts scanned using credentials Enabled Creates a unique identifier for credentialed scans.
Performance Settings

Slow down the scan when network congestion is detected

Disabled

This enables Tenable.io to detect when it is sending too many packets and the network pipe is approaching capacity. If detected, Tenable.io throttles the scan to accommodate and alleviate the congestion. Once the congestion has subsided, Tenable.io automatically attempts to use the available space within the network pipe again.

Use Linux kernel congestion detection

Disabled

This enables Tenable.io to use the Linux kernel to detect when it is sending too many packets and the network pipe is approaching capacity. If detected, Tenable.io throttles the scan to accommodate and alleviate the congestion. Once the congestion has subsided, Tenable.io automatically attempts to use the available space within the network pipe again.

Network timeout (in seconds)

5 Specifies the time that Tenable.io waits for a response from a host unless otherwise specified within a plugin. If you are scanning over a slow connection, you may wish to set this to a greater number of seconds.

Max simultaneous checks per host

5 Specifies the maximum number of checks a Tenable.io scanner performs against a single host at one time.

Max simultaneous hosts per scan

80

Specifies the maximum number of hosts that a Tenable.io scanner scans simultaneously.

Max number of concurrent TCP sessions per host

none Specifies the maximum number of established TCP sessions for a single host.

This TCP throttling option also controls the number of packets per second the SYN scanner eventually sends (e.g., if this option is set to 15, the SYN scanner will send 1500 packets per second at most).

Max number of concurrent TCP sessions per scan

none

This setting limits the maximum number of established TCP sessions for the entire scan, regardless of the number of hosts being scanned.

For scanners installed on any Windows host, this value must be set to 19 or less to get accurate results.

Debug Settings

Enable plugin debugging

Disabled

Attaches available debug logs from plugins to the vulnerability output of this scan.

Copyright 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.