Scheduling a Vulnerability Scan

Scan schedules are intervals assigned to scanners that determine when vulnerability assessment data is imported from external scanning appliances in your network. Scan schedules can also define CIDR ranges or subnets that are included in the data import when the vulnerability data import occurs.

Scan schedules are created for each scanner product in your network and are used to retrieve vulnerability data. There is no limit to the number of scan schedules you can create. It is often helpful to create multiple scans in your network for vulnerabilities in your network. Large vulnerability imports can take a long time to complete and are often very system resource intensive. A scan cannot be scheduled until after the scanner has been added.

Click the Admin tab.
Click the Schedule VA Scanners icon.
Click Add.
From the VA Scanners list, select the scanner that requires a scan schedule.

Choose one of the following options:

Option	Description
Network CIDR	Select this option to define a CIDR range for the data import. If a scanner includes multiple CIDR configurations, then the CIDR range can be selected from the list.
Subnet/CIDR	Select this option to define a subnet or CIDR range for the data import. The subnet/CIDR value that is defined by the administrator must be a Network CIDR that is available to the scanner.

Option

Description

Network CIDR

Select this option to define a CIDR range for the data import.

If a scanner includes multiple CIDR configurations, then the CIDR range can be selected from the list.

Subnet/CIDR

Select this option to define a subnet or CIDR range for the data import.

The subnet/CIDR value that is defined by the administrator must be a Network CIDR that is available to the scanner.

From the Priority list, select the priority level to assign to the scan.

Option	Description
Low	Indicates the scan is of normal priority. Low priority is the default scan value.
High	Indicates the scan is high priority. High priority scans are always placed above low priority scans in the scan queue.

Option

Description

Low

Indicates the scan is of normal priority. Low priority is the default scan value.

High

Indicates the scan is high priority.

High priority scans are always placed above low priority scans in the scan queue.

In the Ports field, type the ports that are included in the scan schedule. Any ports that are not in the schedule are not imported from the vulnerability data. Administrators can specify any port values from 1 - 65536. Individual port values can be included as comma-separate values, along with port ranges. For example, 21,443, 445, 1024-2048.
Select the start time for the schedule.
In the Interval field, type a time interval to indicate how often you want this scan to repeat. Scans schedules can contain intervals by the hour, day, week, or month.
Select Clean Vulnerability Ports to delete all vulnerabilities found on each asset, and replace with data reported in the next scan run.
Click Save.