- Knowledge base
- Network & System Security
- Optimization
-
Security updates
-
Product news
-
Next-Gen Vulnerability Management
-
Getting started
-
General
-
Operating status
-
Network & System Security
-
Web Application Security
-
Cloud Security
-
API Security
-
Phishing Simulation & Awareness Training
-
Attack Surface Management
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset management
-
Vulnerability manager
-
Reports
-
Digest reports
-
Organizer
-
Continuous monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & conditions
-
Dashboard
How do I optimize scans for large and medium-sized networks?
This article aims to describe the best way of performing a fast and reliable comprehensive scan of a large or medium corporate network with the primary goal of identifying vulnerabilities and threats across all systems and services.
Learn more about optimizing scans
To better understand the settings mentioned in this article, we recommend reading the main article on optimizing scans. This will provide valuable information on making the most of your scans and ensure efficient and accurate results.
https://support.holmsecurity.com/knowledge/how-do-i-optimize-scans
Recommended scan profile settings
Port selection: Opt for the "Standard" port list, balancing speed and thoroughness by targeting the most commonly used ports in the large network.
It's important to note that the scan duration can significantly increase if UDP ports are selected for the scan. The additional time required for UDP scans can double or even triple the total scan time. Be prepared for extended scan durations when UDP ports are included and plan accordingly. Alternatively, you could select the Light UDP ports list to cover the most used UDP ports.
Customizable Scanner Configurations
- Scan Intensity: Choose "High Intensity" to prioritize speed while maintaining a reasonable level of thoroughness. Be aware that having a good and reliable network infrastructure is crucial to support the increased scanning activity. You can always choose Medium to avoid network load.
- Hosts to Scan in Parallel: Choose "High" intensity to scan up to 25 hosts simultaneously, making the process more efficient.
- Processes to Run in Parallel: Set to "High" to run up to 10 plugins simultaneously on each host. You should only consider lowering it if the scanner appliance lacks computational resources.
- Packet Delay: Set to "Automatic" to minimize packet delays between probes and maximize the scanning speed.
- Host Timeout: Configure the host timeout parameter with caution. Adjusting this parameter can help the overall scan perform fast and efficiently, but be aware that it might result in not scanning less responsive hosts. For instance, setting a 2-hour host timeout may be sufficient to scan both the Full TCP and Light UDP port lists in a reliable network, but ensure these adjustments align with your specific scanning goals and priorities.