2. Step 1: Performing an audit : 2.6 Setting up a scheduled scan
2.6 Setting up a scheduled scan
A scheduled scan is a network audit, which is scheduled to run automatically on a specific date/time and at a specific frequency. Scheduled scans can be set to execute once or periodically. Scheduled scan status can be monitored via Dashboard ► Scheduled Operations tab.
Scheduled scans can also be configured to:
Automatically download and deploy missing Microsoft updates detected during the scheduled audit
Trigger Email notifications on detection of network threats
Generate consecutive-scan comparison reports and distribute these automatically via email.
Automatically uninstall unauthorized applications.
When to use Scheduled Scans?
It is recommended to use scheduled scans:
To automatically perform periodical/regular network vulnerability scans using same scanning profiles and parameters
To automatically trigger scans after office hours and generate alerts and auto-distribution of scan results via email.
To automatically trigger auto-remediation options, (e.g. Auto download and deploy missing updates).
NOTE: For more information on auto-remediation options refer to the Automatic remediation
NOTE: To enable routine scanning of network targets as part of an established network auditing program such as auditing for legal compliance. Ensure that the GFI LANguard Attendant service is running otherwise scheduled operations will fail to start.
2.6.1 How to setup a Scheduled Scan
To perform a scheduled scan:
1. Launch the GFI LANguard management console from Start ► Programs ► GFI LANguard 9.0 ► GFI LANguard
2. From the Network Audit ► Scan tab which opens by default, click on the Set Up a Scheduled Scan option.
Screenshot 7 - New Scheduled Scan dialog
3. Select one of the following options and click Next:
Scan a single computer – Select this option to scan local host or one specific computer
Scan a range of computers – Select this option to scan a number of computers defined through an IP range. For more information refer to: http://kbase.gfi.com/showarticle.asp?id=KBID002749
Scan a list of computers – Select this option to manually create a list of targets, import targets from file or select targets from network list.
Scan computers in text file – Select this option to scan targets enumerated in a specific text file.
Scan a domain or workgroup – Select this option to scan all targets connected to a domain/workgroup.
4. Specify the respective target computer(s) details and click Next.
Screenshot 8 - Scan frequency
5. Specify date/time/frequency of scheduled scan and click Next.
6. Specify the scan profile to be used in the scan.
7. Click Next.
8. Specify logon credentials and click Next
Screenshot 9 - Scheduled scan auto-remediation options
9. (Optional) Select Automatically uninstall unauthorized applications so that all applications validated as unauthorized, will be uninstalled from the scanned computer (unauthorized applications are defined in Application Inventory). For more details see Application auto-uninstall
10. (Optional) Click View applications which this scan will uninstall. To launch the Applications which will be uninstalled dialog. This will list all the applications that will be uninstalled when the scheduled scan is finished.
11. (Optional) Click Configure auto-remediation option to configure the processes that must be triggered before and after a deployment of an application. For more information, refer to Deployment options.
12. Click Next.
Screenshot 10 - Review scheduled scan job
13. (Optional) Click on Configuring alerting options… and specify sender/recipient details.
Screenshot 11 - Scheduled Scans Reporting options
14. (Optional) Click on Configure scheduled scan reporting options… to configure scheduled scans reporting.
a. Specify whether scan results are saved as HTML or XML
b. Click on Results Notification tab and select:
o
Full Scan – to include all data collected during the scheduled scan.
o
Results Comparison – to create a report which lists only the differences (if any) identified between the last scheduled scan results and the preceding one.
15. Click OK to finalize your settings.
16. Click Finish to finalize your configuration.
17. All new scheduled scans are by default disabled. To enable select Configuration ► Scheduled Scans and click on the .
NOTE: For more information on Scheduled Scans refer to the Scheduled Scans section in this manual.
Screenshot 12 - Scheduled scan status
18. Confirm that the new scheduled scan has been successfully set by clicking on Dashboard ► Scheduled Operations. New scheduled scan should be listed in the queue.
For more information on how scheduled scans can be monitored please, refer to Monitoring scheduled activity