11.If you want to add newly discovered assets to the group where you have defined the scan, rather than to the Ungrouped Assets group, select the Add newly discovered assets to group check box.

12.If you want to add previously known assets (that are not in the group) to the group, select the Add previously known assets to group check box.

13.Click OK. The ad hoc discovery scan is displayed in the Command Jobs window.

Running an ad hoc assessment scan with Enterprise Scanner

When you run an ad hoc assessment scan from the SiteProtector Console, you can use the default settings, or choose the checks you want to run and other scanning parameters.

Procedure

1.In the SiteProtector navigation pane, create a tab with any view except for a Policy view.

2.Expand the Site to see the group you want to scan.

3.Right-click the group to scan; if given a choice of Internet Scanner or Enterprise Scanner, select Enterprise Scanner; and then select Scan from the pop-up menu.

4.In the Ad Hoc Discovery section, select the Perform one-time discovery scan of this group check box.

5.Type a Job name to identify the job when it appears in the Command Jobs window.

6.If you want the scan to run only during your scheduled scanning windows, select the Run only during open discovery windows check box.

7.Click Assessment in the left pane.

8.Configure the policy the same way you would configure the background Assessment policy.

9.Select Global in the Perform scans from this perspective (Network location) list.

10.Click the Advanced Settings tab.

11.In the Assessment Throttling section, use the Bandwidth Throttling slider to set the amount of bandwidth the scan should consume.

The Enterprise Scanner agent will monitor threads once the value becomes greater than you specified.

To enable logging, add the following advanced parameter to the logging parameters in SiteProtector: esm.portN.debug.logging where N is the port number of the scan interface

The agent writes the log information to iss-esm-<port number of scan interface>.log.

12.Use the remaining sliders to enable settings that prevent the scan from overwhelming or flooding a slow network:

Option

Description

 

 

Connections per host

The maximum number of connections the

 

scan should make per host.

 

 

SMB Connections

The maximum number of SMB connections

 

the scan should make during a scan job.

 

 

Chapter 3. Enterprise Scanner policies 65

Page 72 Page 74
Page 73
Image 73
IBM Partner Pavilion 2.3 manual Running an ad hoc assessment scan with Enterprise Scanner
Page 72 Page 74
Top Page Image Contents