How do I set up a Policy scan?

Avatar
Oscar Wickman
Follow

To be able to run a Policy scan you first need to set up a Policy scan profile:
https://support.holmsecurity.com/hc/en-us/articles/360017067920

This article will guide you into setting up a policy scan and schedule a policy scan:

  1. Login to Security Center
  2. Click on Scan Network
  3. Click on +Add Scan > Policy scan 
  4. Under the headline General information enter the following:
    • Name: the name of the scan, e.g. Policy scan Microsoft Office
    • Owner: the owner of the scan. Will be the one receiving notifications for the schedule.
    • Scan profile: select the scan profile for the schedule.
  5. Under the headline Targets enter the following:
    • IPs/Ranges: the targets for your scan. Can be specific host or IP ranges. You can add any number of hosts.
    • Include all hosts in IP range belonging to tag: if you want all IP’s in a IP range to be included if a tag matches a IP range asset, even if each host doesn’t have the specific tag.
    • Select tags: Select the preferred tags you wish to use as the target for the scan.
    • Include hosts that: here you include hosts that have all or any of the specific tags that you enter.
    • Do not Include hosts that: here you exclude hosts that have all or any of the specific tags that you enter.
  6. Under the headline Schedule enter the following:
    • Schedule enabled: Select if you want to run Recurrentscans or to run Once on a scheduled time.
    • Start: select the first start date and time. Notice that reoccurring scans will start at the time set here.
    • Timezone: select the timezone for the schedule.
    • Repeat: Select daily,weekly or monthly between the scans.
    • Every: The occurence in combination with the values selected in repeat and day 
    • Day: Select which day you want the scans to run.
  7. Under the headline Notifications enter information about notifications sent before the scheduled scan and when the scheduled scan is finished.
    • Under Notification before scan starts, enter the following:
    • Notify scan owner before scan starts: check to enable.
    • Notify before the scan starts: select how long before the scan the notifications should be sent. Default is 1 hour.
    • Subject: enter a custom subject for the notification, or use default.
    • Sender name: enter a custom sender name for the notification, or use default.
    • Sender email: enter a custom sender email for the notification, or use default. If you use your own email (e.g. notifications@yourbusiness.com) address please add the following SPF record for the domain (e.g. business.com) to avoid problems receiving the emails:
      http://support.holmsecurity.com/hc/en-us/articles/213446285
    • Recipients: Enter additional recipient for the notifications.
    • Message: Enter a custom message for the notification, or use default.
    • Under Notification for finished scan enter the following:
    • Notify scan owner when this scan is finished: check to enable.
    • Subject: enter a custom subject for the notification, or use default.
    • Sender name: enter a custom sender name for the notification, or use default.
    • Sender email: enter a custom sender email for the notification, or use default.
    • Also send notification to the following email addresses: enter additional recipient for the notifications.
    • Message: enter a custom message for the notification, or use default.
  8. Click OK.
  9. The policy scan will now run and a notification sent (if activated) according the schedule.
  10. Done!
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.