A SERVICE OF

logo

Open as PDF
next previous
Ad Hoc Scan Control policy
Use the Ad Hoc Scan Control policy on the SiteProtector Console to define
Enterprise Scanner ad hoc scans for assessment and discovery.
Configuration options
For ad hoc scans you configure the following options:
v With the Ad Hoc Scan Control option, you determine whether to run
assessment or discovery scans, whether to run the scans only during available
scan windows, how to lower the impact on the network from scanning, and the
perspective to use.
v With the Assessment option, you select which checks to run for assessment
scans.
v With the Discovery option, you select which IP addresses to scan and how to
handle the hosts that you discover.
Running an ad hoc discovery scan with Enterprise Scanner
When you run an ad hoc discovery scan from the SiteProtector Console, you must
define the ranges of IP addresses to scan, including additional scanning control
parameters.
Procedure
1. In the SiteProtector navigation pane, create a tab with any view except for a
Policy view.
2. Expand the Site to see the group you want to scan.
3. Right-click the group to scan; if given a choice of Internet Scanner or
Enterprise Scanner, select Enterprise Scanner; and then select Scan from the
pop-up menu.
4. In the Ad Hoc Discovery section, select the Perform one-time discovery scan
of this group check box.
5. Type a Job name to identify the job when it appears in the Command Jobs
window.
6. If you want the scan to run only during your scheduled scanning windows,
select the Run only during open discovery windows check box.
7. Click Discovery in the left pane.
8. Type the range, or ranges, of IP addresses to scan in the IP range(s) to scan
box.
9. Type the IP addresses (in dotted-decimal or CIDR notation) of the assets to
exclude in the IP range(s) to scan box as in the following examples:
v Type an IP address, and then press ENTER.
v Type a range of IP addresses, and then press ENTER.
Example: 172.1.1.100-172.1.1.200
v Type a combination of both choices above, and then press ENTER.
Note: A red box appears around the IP range(s) to scan box until the data is
validated.
10. If you want to ping each IP address before scanning to exclude unreachable
hosts from the scan, select the Ping hosts in this range, before scanning, to
exclude unreachable hosts check box.
64 Enterprise Scanner: User Guide