Tasks per type of scan
The following table explains the tasks needed for discovery and assessment scans:
Table 10. Tasks per type of scan
Scan type Number of tasks
Discovery 1 job-level task
1 parent task
1 scanning task
Note: There is no way to prioritize the order
in which a discovery scan scans IP
addresses, therefore there is no reason to
divide the job into more than one scanning
task. The scanning task is divided into
subtasks, however, based on the maximum
number of IP addresses allowed per subtask.
Assessment 1 job-level task
1 parent task
1 base task for each group
1 scanning task for each asset criticality level
represented in each group
Priorities for running tasks
To determine the order for scanning your network, each task in a scan job is
assigned a priority.
The tasks for all jobs assigned to a perspective run in priority order as follows:
v Ad hoc scans run before background scans.
v Discovery scans run before assessment scans.
v Assessment scans run tasks in the order of the criticality of the assets in the task.
Criticality and assessment tasks
User-assigned criticality ratings indicate the relative importance of assets in a
group. A group can contain assets with different criticality ratings. When
Enterprise Scanner divides the job into tasks, it creates separate tasks for each
criticality level and assigns assets to the tasks with the corresponding criticality.
Consequently, the assets in an assessment task are of the same criticality, with the
following results:
v An assessment scan contains at least one task for each asset criticality
represented in each group.
v Asset criticality affects the priority of the task.
Example: If a scan job includes a group with one subgroup, and each group
contains assets with all levels of criticality, the job will run as at least ten tasks: one
task for each criticality in each group.
Chapter 4. Understanding scanning processes in SiteProtector 73
