Network Locations policy
Use the Network Locations policy to define the perspective (network location) of
an agent and to define routes for those perspectives.
Note: The Network Locations policy does not automatically import the
perspectives you set up in the Network Locations tab in the Proventia Manager
(LMI). If you have defined perspectives in the Proventia Manager, you must
redefine those perspectives for this policy in SiteProtector.

What is perspective?

A perspective is a name that represents the network location of one or more
agents. You associate a perspective with a group to scan in the Scan Controlpolicy.
The agent(s) assigned to that perspective in the Networking policy run the scans.

Default perspective

The Network Locations policy contains a default perspective, Global, which you
cannot delete. You can use the Global perspective without adding any additional
perspectives, or you can use it along with user-defined perspectives.

When to use additional perspectives

Perspective is most important when you have multiple scanners located at
different locations on your network. To distinguish among them, you must use
more than one perspective.
You can only assign one unique perspective per scanning port. You cannot assign
the same perspective to more than one scanning port.

Perspective names

When you choose a perspective name, choose a name that represents the location
on the network that the perspective references. Consider that, technically,a
perspective represents a set of subnets from which you would expect the same
results for scanning and monitoring your network regardless of where you
connected your scanners within that set of subnets.

Scanning without full permissions

To perform any Enterprise Scanner scan with SiteProtector SP6.1 or later,a user
must have permission to view the Network Locations policy. This permission is
granted for the predefined user groups that provide full Enterprise Scanner
permissions. If you define users or user groups with restricted permissions, you
must grant this permission explicitly. The way you grant permission is based on
the inheritance behavior of your policy:
If you... Then...
Do not change the inheritance behavior of
the policy
You can define the permission once at the
Site level.
Change the inheritance behavior of the
policy
You must grant the permission for the group
where you need the permission and for all
the groups above it in the hierarchy.
36 Enterprise Scanner: User Guide