Scan jobs and related terms
To tune your system correctly, you must understand how scan jobs run and how the options you define in policies affect jobs and subtasks.
Definitions
The following table describes the terms used by the Enterprise Scanner agent in the scanning process:
Table 8. Terms related to scanning jobs
Term | Description | |
|
| |
Criticality | A | |
| relative importance of an asset to other | |
| assets: | |
| v | Critical |
| v | High |
| v | Medium |
| v | Unassigned (the default) |
| v | Low |
Scan job | SiteProtector schedules a scan job in the | |
| Command Jobs window, either at the | |
| beginning of a refresh cycle or when you | |
| initiate an ad hoc scan. The scan job divides | |
| the scan into subtasks and displays its | |
| progress. Scans might not start processing as | |
| soon as they are posted if they run only | |
| within scan windows and no scan window | |
| is open. | |
|
| |
Task | A scan job is divided into tasks as described | |
| in “Types of tasks” on page 72. | |
|
| |
Subtask | The portion of a task assigned to an agent at | |
| one time. A subtask includes the number of | |
| IPs to discover or the number of assets to | |
| scan based on settings in the Networking | |
| policy for the agent that runs the scan. You | |
| should change the following field names: | |
| v | Maximum IPs per Discovery Subtask |
| v Maximum Assets per Assessment Subtask | |
Assets with unassigned criticality
The criticality levels in the definition above are listed in order from highest to lowest criticality. The Unassigned level is intentionally higher than the Low level for the following reasons:
vThe default criticality level for a newly discovered asset is Unassigned because the criticality is unknown until you assign it another criticality level.
vBecause you must specifically assign the Low level to an asset, Enterprise Scanner places it below Unassigned assets because unassigned assets might be of a higher criticality.
Chapter 4. Understanding scanning processes in SiteProtector 71
