Scans Setup

Go to Scans > Setup to see global setup options related to scanning.

Scan setup

Some options may not be available, depending on your service level and subscription settings.

Storage

View the storage settings for scan/map results, as defined for your account, and change if you want.

Storage setup window

Excluded Hosts

Hosts added to the excluded hosts list will never be scanned by the service, even if included in the scan target by a user.

Excluded host setup window

Dissolvable Agent

A Manager user must accept the Dissolvable Agent (Agent) in order to perform certain types of security scans. Learn more

Dissolvable agent setup window

Note: The Dissolvable Agent Accept option is enabled by default for all new VMDR subscriptions.

PCI Account Links

To share PCI scans with your PCI Merchant accounts, you must create links to those accounts. Go to the PCI Account Links Setup page to manage your PCI account links.

PCI setup window

Scheduled Scans

The Manager primary contact has the option to prevent the service from starting a new scheduled scan when there's an instance of it running or paused. Also the Manager primary contact has the option to allow users to configure a scheduled scan to relaunch once a scan instance finishes. This supports continuous scanning.

Scheduled scans setup window

Schedules Data List Setup

If the Schedules data list (under Scans > Schedules) takes too long to load, then a Manager user can use this option to display a filtered view of the list when it is first loaded. The Manager can choose to display all schedules, only active schedules, only VM scan schedules, or only map schedules when the list is first loaded. The corresponding filter on the data list will be selected by default. Users can then change the filter or perform a search to see additional schedules. (Supported for vulnerability scans and maps only.)

Scheduled data list setup window

Scanner Trusted CA

The Manager primary contact has the option to accept this feature allowing Managers to create a list of private certificate authorities for use by the scanner. Learn more

Disclaimer window

DNS Tracking

The Manager primary contact has the option to automatically change the tracking method from IP to DNS for hosts when a valid DNS hostname is detected at scan time. This applies only when scans are launched by DNS hostname. Learn more

DNS tracking setup window

Note: Enable DNS Tracking for hosts is enabled by default for all new VMDR subscriptions.

Syslog Forwarding

A Manager user has the option to enable this feature to have scan related syslog messages (/var/log/messages syslog stream) forwarded from scanner appliances to a remote syslog server. Once enabled, syslog forwarding is on for all scanner appliances (virtual and physical) currently in the subscription and for new scanners that get added later. Learn more

Syslog forwarding config window

Max Scan Duration per Asset

A Manager user has the option to enable this feature to allow users to set a maximum scan duration per asset in their option profiles. This determines how long a scan can run on a single asset. If the scan of an asset exceeds the duration specified in the option profile, then the scan on the asset will be aborted and the scan job will continue to the next target. (Supported for vulnerability scans only.) Learn more

Maximum scan duration per asset setup window

Note: Allow users to set maximum scan duration per asset is enabled by default for all new VMDR subscriptions.

Debug Scan

Enable or disbale the debug scan option for your profile. With the debug scan enabled, users can log details to identify any of the issues that occurred during the standard scanning process.

Debug scan window

Note: Enable Debug Scan is enabled by default for all new VMDR subscriptions.