A policy is a set of predefined configuration options related to performing a scan. After you create a policy, you can select it as a template when you create a scan.

Note: For information about default policy templates and settings, see Scan Templates.

Policy Characteristics

  • Parameters that control technical aspects of the scan such as timeouts, number of hosts, type of port scanner, and more.
  • Credentials for local scans (for example, Windows, SSH), authenticated Oracle database scans, HTTP, FTP, POP, IMAP, or Kerberos based authentication.
  • Granular family or plugin-based scan specifications.
  • Database compliance policy checks, report verbosity, service detection scan settings, Unix compliance checks, and more.
  • Offline configuration audits for network devices, allowing safe checking of network devices without needing to scan the device directly.
  • Windows malware scans which compare the MD5 checksums of files, both known good and malicious files.