Active Scan Settings
For more information, see Add an Active Scan.
Description |
|
---|---|
General |
|
Name |
The scan name that is associated with the scan’s results and may be any name or phrase (for example, SystemA, DMZ Scan, or Daily Scan of the Web Farm). |
Description |
Descriptive information related to the scan. |
Policy |
The policy on which you want to base the scan. You can scroll through the list, or search by entering text in the search box at the top of the list of available policies. |
Schedule |
|
Schedule |
The frequency you want to run the scan.
|
Description |
|
---|---|
Basic |
|
Scan Zone |
Note: If your organization's Distribution Method setting is Locked Zone, you cannot modify this setting. If your organization's Distribution Method setting is Automatic Distribution Only, Tenable Security Center automatically chooses one or more scan zones and hides this setting. Specifies the scan zone you want to use to run the scan. Depending on your organization's Distribution Method setting, you can select one of the following:
For more information, see Organizations and Scan Zones. |
Import Repository |
Specifies the repository where Tenable Security Center imports the scan results. Select a |
Scan Timeout Action |
The action you want Tenable Security Center to perform in the event a scan is incomplete:
|
Rollover Schedule |
If you set the Scan Timeout Action to Import results with Rollover, this option specifies how to handle the rollover scan. You can create the rollover scan as a template to launch manually, or to launch the next day at the same start time as the just-completed scan. |
Advanced |
|
Scan Virtual Hosts |
Specifies whether the system treats a new DNS entry for an IP address as a virtual host as opposed to a DNS name update. When Tenable Security Center finds a new DNS name for an IP address:
If you import scan results from a Universal repository, this option does not appear. Universal repositories treat hosts with the same IP address but unique FQDNs as different hosts. For more information, see Universal Repositories. |
Track hosts which have been issued new IP address |
This option uses the DNS name, NetBIOS name, Agent ID, and MAC address (if known), in that order, to track a host when its IP address changes. Once Tenable Security Center finds a match, Tenable Security Center does not search further for matches. For example, if Tenable Security Center does not match a DNS name, but it does match a NetBIOS name, the system does not check the MAC address. Networks using DHCP require that you set this option to properly track hosts. If you import scan results from a Universal repository, this option does not appear. Universal repositories do not rely on IP addresses to track hosts. For more information, see Universal Repositories. |
Immediately remove vulnerabilities from scanned hosts that do not reply |
If a previously responsive host does not reply to a scan, Tenable Security Center removes the host's vulnerabilities from the cumulative database. If the host has vulnerabilities in the mitigated database, they remain in the mitigated database.
|
Number of days to wait before removing dead hosts |
If you disable Immediately remove vulnerabilities from scanned hosts that do not reply, this value specifies how many days the system waits to remove vulnerabilities. |
Max scan duration (hours) |
Specifies the maximum number of hours you want a scan to run. If a scan reaches this threshold, Tenable Security Center automatically creates a rollover scan that you can launch manually to complete the scan. Tenable Security Center creates a rollover scan regardless of your Scan Timeout Action setting. Note: If there is a scan window set, the Max scan duration setting must be longer than the scan window to allow time to generate the scan results. |
The Targets section identifies the devices Tenable Security Center scans.
Option | Description |
---|---|
Target Type |
Specifies the target type for the scan:
|
Assets | (Available if Target Type is Assets or Mixed) The list of assets to scan. Click to select or deselect the assets you want to scan. |
IPs / DNS Names |
(Available if Target Type is IP / DNS Name or Mixed) The IP addresses or DNS names you want to scan. Specify IP addresses and DNS names using the following valid formats:
Note: You can only scan IPv4 and IPv6 addresses when using Universal Repositories. |
The Credentials section allows users to select pre-configured credential sets for authenticated scanning. For more information, see Credentials.
Tenable Security Center active scans support the following credential types:
These options determine what actions occur immediately before and after the active scan completes.
Option | Description |
---|---|
Reports to Run on Scan Completion |
|
Add Report |
This option provides a list of reports available to the user to run when the scan completes. For more information, see Add a Report to a Scan. |