Scan Protocols and Ports

In JSA Vulnerability Manager, you can choose different scan protocols and scan various port ranges.

You must have the correct license capabilities to perform the following scanning operations. If you need assistance to obtain a new or updated license key, contact Juniper Customer Support.

You can configure your scan profile port protocols by using TCP and UDP scan options.

Configure scanning protocols and the ports that you want to scan on the Port Scan tab of an existing or new scan policy configuration window.

Note:

You can also configure port scanning from the How To Scan tab in the Scan Profile Configuration window, but this option is only enabled for backwards compatibility. Do not use the How To Scan tab to configure new port scans.

Scanning a Full Port Range

In JSA Vulnerability Manager, you can scan the full port range on the assets that you specify.

Create a scan policy to specify the ports that you want to scan, and then add this scan policy to a scan profile, which you use to run the scan.

  1. Click the Vulnerabilities tab.

  2. In the navigation pane, select Administrative > Scan Policies.

  3. On the toolbar, click Add to create a new scan policy or Edit to edit an existing policy.

  4. Click the Settings tab.

    1. Enter a name and description for the scan policy.

    2. Select the scan type.

  5. Click the Port Scan tab.

  6. In the Protocol field, select a protocol. The default values are TCP & UDP.

    Note:

    UDP port scans are much slower than TCP port scans because of the way that UDP works. A UDP port scan can take up to 24 hours to scan all ports (1-65535) on an asset.

  7. In the Range field, type 1-65535.

    Note:

    Port ranges must be configured in dash-separated, comma-delimited, consecutive, ascending, and non-overlapping order. Multiple port ranges must be separated by a comma. The following example shows the delimiters that are used to enter port ranges: (1-1024, 1055, 2000-65535).

  8. In the Timeout (m) field, type the time in minutes after which you want the scan to cancel if no scan results are discovered.

    Note:

    You can type any value in the range 1 - 500. Do not enter too short a time; otherwise, the port scan cannot detect all running ports. Scan results that are discovered before the timeout period are displayed.

  9. Configure more options on the other tabs if you want to use the scan policy to complete more tasks.

  10. Click Save.

  11. From the Scan Profiles page, create a new scan profile.

    1. Add the scan policy that you saved.

    2. Configure the remaining parameters for the scan profile and save.

    3. From the Scan Profiles page, select the new scan profile, and then click Run on the toolbar to run the scan.

    For more information about creating a scan profile, see Creating a Scan Profile.

    Note:

    You can also configure port scanning from the How To Scan tab in the Scan Profile Configuration window, but this option is only enabled for backwards compatibility. Do not use the How To Scan tab to configure new port scans.
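
The Range field rules from the note in step 7, written as a pre-check you can run on a range string before typing it into a scan policy. This is an added example, not Juniper or JSA code; the function names are hypothetical, and tolerating spaces around commas and accepting adjacent entries are assumptions, since the page does not state how JSA treats them.

```python
import re

MAX_PORT = 65535
# One entry is a single port ("1055") or a dash-separated range ("1-1024").
_ENTRY = re.compile(r"^(\d{1,5})(?:-(\d{1,5}))?$", re.ASCII)


def parse_port_ranges(spec):
    """Parse a spec such as '1-1024, 1055, 2000-65535' into (start, end) tuples.

    Raises ValueError describing the first entry that breaks the rules in the
    note: dash-separated, comma-delimited, ascending, non-overlapping.
    """
    ranges = []
    for raw in spec.split(","):
        entry = raw.strip()  # assumption: spaces around commas are tolerated
        match = _ENTRY.match(entry)
        if not match:
            raise ValueError(f"malformed entry {entry!r}")
        start = int(match.group(1))
        end = int(match.group(2)) if match.group(2) else start
        if not (1 <= start <= MAX_PORT and 1 <= end <= MAX_PORT):
            raise ValueError(f"port outside 1-{MAX_PORT} in {entry!r}")
        if start > end:
            raise ValueError(f"descending range {entry!r}")
        # Each entry must begin after the previous one ends.
        if ranges and start <= ranges[-1][1]:
            raise ValueError(f"{entry!r} overlaps or is out of order")
        ranges.append((start, end))
    return ranges


def port_count(spec):
    """Number of ports a valid spec covers; a rough guide to scan size."""
    return sum(end - start + 1 for start, end in parse_port_ranges(spec))


def first_error(spec):
    """Return the validation message for spec, or None if it is well formed."""
    try:
        parse_port_ranges(spec)
        return None
    except ValueError as exc:
        return str(exc)


if __name__ == "__main__":
    # Constructed sample inputs; the first is the example from the note.
    for sample in ("1-1024, 1055, 2000-65535", "2000-65535, 1-1024", "1-1024, 1000-2000"):
        print(f"{sample!r}: {first_error(sample) or port_count(sample)}")
```

The port count is worth checking before you select UDP, given the note in step 6 about how long a full-range UDP scan can take.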

Scanning Assets with Open Ports

In JSA Vulnerability Manager, you can configure a scan profile to scan assets with open ports.

  1. Click the Assets tab.

  2. In the navigation pane, click Asset Profiles, and then on the toolbar, click Search > New Search.

  3. To specify assets with open ports, configure the following options in the Search Parameters pane:

    1. Select Assets With Open Port, Equals any of 80 and click Add Filter.

    2. Select Assets With Open Port, Equals any of 8080 and click Add Filter.

    3. Click Search.

  4. On the toolbar, click Save Criteria and configure the following options:

    1. In the Enter the name of this search field, type the name of your asset search.

    2. Click Include in my Quick Searches.

    3. Click Share with Everyone and click OK.

  5. Click the Vulnerabilities tab.

  6. In the navigation pane, select Administrative > Scan Profiles.

  7. On the toolbar, click Add.

    When you create a scan profile, the only mandatory fields are Name and IP Addresses on the Details tab of the Scan Profile Configuration page. To scan assets with open ports, you must also follow the remaining steps in this procedure.

  8. On the Details tab, select your saved asset search from the Available Saved Searches list and click >.

    When you include a saved asset search in your scan profile, the assets and IP addresses associated with the saved search are scanned.

  9. Click the When To Scan pane and in the Run Schedule list, select Manual.

  10. Click the What To Scan pane.

  11. Click Save.

    For more information about saving an asset search, see the Juniper Secure Analytics Users Guide for your product.

Perform the steps in the procedure, Running Scan Profiles Manually.