Views:

Configure the following settings when running vulnerability scans. For details about the different types of vulnerability scans, see Installing with Vulnerability Scanner.

Settings

Description and Instructions

Product Query

Vulnerability Scanner can check for the presence of security software on the target clients.

  1. Select the security software to check.

  2. Vulnerability Scanner uses the default ports displayed on screen to check for the software. If the software administrator changed the default ports, make the necessary changes or Vulnerability Scanner will not detect the software.

  3. For Norton Antivirus Corporate Edition, you can change the timeout settings by clicking Settings.

Other Product Query Settings

To set the number of clients that Vulnerability Scanner simultaneously checks for security software:
  1. Navigate to <Server installation folder>\PCCSRV\Admin\Utility\TMVS and open TMVS.ini using a text editor such as Notepad.

  2. To set the number of clients checked:

    • For manual vulnerability scans, change the value for ThreadNumManual. Specify a value between 8 and 64.

      For example, type ThreadNumManual=60 if you want Vulnerability Scanner to check 60 clients at the same time.

    • For scheduled vulnerability scans, change the value for ThreadNumSchedule. Specify a value between 8and 64.

      For example, type ThreadNumSchedule=50 if you want Vulnerability Scanner to check 50 client at the same time.

  3. Save TMVS.ini.

Description Retrieval Settings

When Vulnerability Scanner is able to "ping" clients, it can retrieve additional information about the clients. There are two methods for retrieving information:

  • Normal retrieval: Retrieves both domain and computer information

  • Quick retrieval: Retrieves only the computer name

Alert Settings

To automatically send the Vulnerability Scan results to yourself or to other administrators in your organization:

  1. Select Email results to the system administrator.
  2. Click Configure to specify email settings.
  3. In To, type the email address of the recipient.
  4. In From, type the email address of the sender.
  5. In SMTP server, type the SMTP server address.

    For example, type smtp.company.com. The SMTP server information is required.

  6. In Subject, type a new subject for the message or accept the default subject.
  7. Click OK.

To inform users that their computers do not have security software installed:

  1. Select Display a notification on unprotected computers.
  2. Click Customize to configure the notification message.
  3. In the Notification Message screen, type a new message or accept the default message.
  4. Click OK.

Save as CSV File

Save the vulnerability scan results to a comma-separated value (CSV) file.

The file will be saved on the client where Vulnerability Scanner was launched. Accept the default file path or change it according to your preference.

Ping Settings

Use "ping" settings to validate the existence of a client and determine its operating system. If these settings are disabled, Vulnerability Scanner scans all the IP addresses in the specified IP address range – even those that are not used on any client – thereby making the scanning attempt longer than it should be.

  1. In the Packet size and Timeout fields, accept or modify the default values.
  2. Select Detect the type of operating system using ICMP OS fingerprinting.

    If you select this option, Vulnerability Scanner determines if a client runs Windows or another operating system. For clients running Windows, Vulnerability Scanner can identify the version of Windows.

Other Ping Settings

To set the number of clients that Vulnerability Scanner simultaneously pings:
  1. Navigate to <Server installation folder>\PCCSRV\Admin\Utility\TMVS and open TMVS.ini using a text editor such as Notepad.

  2. Change the value for EchoNum. Specify a value between 1 and 64.

    For example, type EchoNum=60 if you want Vulnerability Scanner to ping 60 clients at the same time.

  3. Save TMVS.ini.

Security Server settings

  1. Select Auto-install Security Agent on unprotected computers to install the Security Agent to the clients that Vulnerability Scanner will scan.
  2. Type the Security Server host name or IPv4/IPv6 address and port number. Security Agents installed by Vulnerability Scanner will report to this server.
  3. Configure the administrative credentials to use when logging on to the clients by clicking Install Account. In the Account Information screen, type a user name and password and click OK.