Determining when background scans run
This topic describes two important concepts for background scanning: scanning refresh cycles and scanning windows. These concepts control when background scans run.
Scanning refresh cycle
A scanning refresh cycle is the maximum duration (in days, weeks, or months) of a background scan. You define separate scanning refresh cycles for discovery and for assessment scans in a Scan Control policy. The cycles apply to the scans for all groups that the policy controls.
Important points about refresh cycles
Refresh cycles affect scanning as follows:
vRefresh cycles apply to background discovery and background assessment scans; they do not apply to ad hoc scans.
vAt the end of a refresh cycle, any background scanning jobs that are still running are stopped. Their status appears as expired.
vThe refresh cycle begins at midnight on the first day of the cycle, and the jobs for that cycle are scheduled in the Command Jobs window at that time.
Scanning windows
Scanning windows are the hours that are available for scanning each day of the week. A scan that runs only during scanning windows pauses when a window closes, and then resumes when the window reopens.
Scans affected by scanning windows
Scanning windows affect scans as follows:
vScanning windows apply to all background scans for the groups controlled by a particular Scan Windows policy.
vWhen you run an ad hoc scan, you choose whether to confine the scan to the
Cycle and window dependencies
Background scanning for a group requires a refresh cycle and one or more scanning windows. Although you define refresh cycles and scanning windows in different policies, they work together to define the extent of your background scans. The cycle defines the duration, or elapsed time, of the scan; the scanning windows define the days and hours when scanning may occur during the cycle.
Flexibility
Because you define refresh cycles and scanning windows in different policies, you can use the policy inheritance properties to more precisely define your scans. For example, you can define refresh cycles and apply the Scan Control policy to a group with several subgroups. For each subgroup, you can define different scan windows to control the amount of scanning on different parts of your network at different times. For more about policy inheritance, see Chapter 3, “Enterprise Scanner policies,” on page 29.
