Update Settings policy
Use the Update Settings policy on the SiteProtector Console to configure how the
agent automatically locates, downloads, and installs available updates.
Asset policies for Enterprise Scanner
Asset policies apply to groups of assets and describe the security policy for those
assets.
Asset policy descriptions for Enterprise Scanner
Asset policies apply to both discovery scans and assessment scans depending on
the policy.
Scope of scanning
The following table identifies which asset policies apply to discovery scans, which
apply to assessment scans, and which apply to both:
Table 6. Asset policies
Policy Discovery Assessment
Assessment No Yes
Assessment Credentials Yes Yes
Discovery Yes No
Network Locations Yes Yes
Network Services No Yes
Scan Control Yes Yes
Scan Exclusion No Yes
Scan Window Yes Yes
Contents of an asset policy
The general contents of an asset policy include:
v Information about how to run discovery scans, assessment scans, or both types
of scans against the group
v The IP addresses to scan for discovery scans
v The checks to run, and other assessment parameters (for assessment scans
v The days to run scans and during which hours to run them
v Refreshed information from scans about the assets in a group
v The assets in the group, if any, that you do not want to scan
v The list of accounts and log on credentials to use for assets in a group
v The service names associated with TCP and UDP ports
Policy inheritance with asset policies
The following rules describe policy inheritance for agent policies:
v You can define only one Network Locations policy, to be used for all agents and
assets, at the Site level in your group structure.
Chapter 3. Enterprise Scanner policies 45
