Creating a Scan Profile
In JSA Vulnerability Manager, you configure scan profiles to specify how and when your network assets are scanned for vulnerabilities.
You must have the correct license capabilities to perform the following scanning operations. If you need assistance to obtain a new or updated license key, contact your Juniper Customer Support.
- Click the Vulnerabilities tab.
- In the navigation pane, click Administrative >Scan Profiles.
- On the toolbar, click Add.
When you create a scan profile, the only mandatory fields are Name and IP Addresses on the Details tab of the Scan Profile Configuration page. In addition, you can also configure the following optional settings.
If you added more scanners to your JSA Vulnerability Manager deployment, select a scanner from the Scan Server list. This step is unnecessary if you want to use dynamic scanning.
To enable this profile for on-demand scanning, click the On Demand Scanning Enabled check box.
By selecting this option, you make the profile available to use if you want to trigger a scan in response to a custom rule event. It also enables on-demand vulnerability scanning by using the right-click menu on the Assets page.
By selecting the Dynamic Server Selection check box, you can choose the most appropriate scanner that is available. Ensure that you define the scanners in the Administrative > Scanners page.
Security profiles must be updated with an associated domain. Domain-level restrictions are not applied until the security profiles are updated, and the changes are deployed.
To scan your network by using a predefined set of scanning criteria, select a scan type from the Scan Policies list.
If you configured centralized credentials for assets, click the Use Centralized Credentials check box. For more information, see the JSA Administration Guide.
- Click Save.