To be able to run a Policy scan, you first need to set up a Policy scan profile:
https://support.holmsecurity.com/hc/en-us/articles/360017067920
This article will guide you in setting up a policy scan and scheduling a policy scan:
- Log in to the Security Center
- Click on Scan Network
- Click on +Add Scan > Policy scan
- Under the headline General information enter the following:
- Name: the name of the scan, e.g., Policy scan Microsoft Office
- Owner: the owner of the scan. Will be the one receiving notifications for the schedule.
- Scan profile: select the scan profile for the schedule.
- Under the headline Targets enter the following:
- IPs/Ranges: the targets for your scan. It can be a specific host, network, or range of IPs. You can add any number of hosts.
- Include all hosts in IP range belonging to the tag: if you want all IPs in an address range to be included if a tag matches an IP range asset, even if each host doesn’t have the specific tag.
- Select tags: Select the preferred tags you wish to use as the target for the scan.
- Include hosts: Include assets with all or any specific tags you enter.
- Do not Include hosts: Exclude assets with all or any specific tags you enter.
- Under the headline Schedule enter the following:
- Schedule enabled: Select if you want to run Recurrent scans or once at a scheduled time.
- Start: select the first start date and time. Notice that reoccurring scans will start at the time set here.
- Timezone: select the time zone for the schedule.
- Repeat: Select daily, weekly, or monthly between the scans.
- Every: The occurrence in combination with the values selected in repeat and day
- Day: Select which day you want the scans to run.
- Under the headline Notifications, enter information about notifications sent before the scheduled scan and when the scheduled scan is finished.
- Under Notification before the scan starts, enter the following:
- Notify the scan owner before the scan starts: check to enable.
- Notify before the scan starts: select how long before the scan the notifications should be sent. The default is 1 hour.
- Subject: enter a custom subject for the Notification, or use default.
- Sender name: enter a custom sender name for the Notification, or use default.
- Sender email: enter a custom sender email for the Notification, or use the default. If you use your email (e.g., notifications@yourbusiness.com) address, please add the following SPF record for the domain (e.g., business.com) to avoid problems receiving the emails:
http://support.holmsecurity.com/hc/en-us/articles/213446285 - Recipients: Enter additional recipients for the notifications.
- Message: Enter a custom message for the Notification, or use default.
- Under Notification for finished scan, enter the following:
- Notify the scan owner when this scan is finished: check to enable.
- Subject: enter a custom subject for the Notification, or use default.
- Sender name: enter a custom sender name for the Notification, or use default.
- Sender email: enter a custom sender email for the Notification, or use the default.
- Also, send Notifications to the following email addresses: enter additional recipients for the notifications.
- Message: enter a custom message for the Notification, or use default.
- Click OK.
- The policy scan will now run, and a notification will be sent (if activated) according to the schedule.
- Done!