Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring a Scan Policy

 

In JSA Vulnerability Manager, you can configure a scan policy to meet any specific requirements for your vulnerability scans. You can copy and rename a preconfigured scan policy or you can add a new scan policy. You can't edit a preconfigured scan policy.

You must have the correct license capabilities to perform the following scanning operations. If you need assistance to obtain a new or updated license key, contact your Juniper Customer Support.

  1. Click the Vulnerabilities tab.
  2. In the navigation pane, click Administrative > Scan Policies.
  3. On the toolbar, click Add.
  4. Type the name and description of your scan policy.

    To configure a scan policy, you must at least configure the mandatory fields in the New Scan Policy window, which are the Name and Description fields.

  5. From the Scan Type list, select the scan type.
  6. To manage and optimize the asset-discovery process, click the Asset Discovery tab.
  7. To manage the ports and protocols that are used for a scan, click the Port Scan tab.
  8. To include specific vulnerabilities in your patch scan policy, click the Vulnerabilities tab.Note

    The Vulnerabilities tab is available only when you select a patch scan.

  9. To include or exclude tool groups from your scan policy, click the Tool Groups tabNote

    The Tool Groups tab is available only when you select a zero-credentialed full-scan or full-scan plus policy.

  10. To include or exclude tools from a scan policy, click the Tools tab.Note

    The Tools tab is available only when you select a zero-credentialed Full Scan or Full Scan Plus policy.

    Note

    If you do not modify the tools or tool groups, and you select the Full option as your scan type, then all the tools and tool groups that are associated with a full scan are included in your scan policy.

  11. Click Save.

Related Documentation