Skip to content
  • There are no suggestions because the search field is empty.

What are the general requirements and best practices for assessments of larger networks?

This article describes the requirements and best practices for assessments of larger networks.

You can scan up to a /16 networks (Class B) in a single run. When selecting a network scan target larger than a /20 network, the system automatically identifies it and splits the scan into several runs for optimal performance, running them in parallel.

Requirements for assessments of larger networks

A Scanner Appliance can, under normal circumstances, handle a scan on its own for up to 4096 IP addresses or a single /20 network.

If you exceed this number of potential targets, it is recommended to install more Scanner Appliances and connect them through a group. That way, multiple Scanner Appliances can share the workload and handle larger networks in separate runs.

If you are performing an internal assessment on a larger network, you need to have the correct number of Scanner Appliances to support the scans. The recommendation is at least one Scanner Appliance per 4096 addresses in a group to split the load and achieve optimal performance.

How do I group my Scanner Appliances?

For information on how to configure a Scanner Appliance group, see the related article for more information:

How do I create a Scanner Appliance group?

Best practices and examples

Depending on your assessment, there are several options to consider. Below are some examples of targets typical of many environments.

Example /16 network

  • You choose a network scan target that includes a /16 network.
  • The system identifies this as a larger IP range and performs an automatic split into several scans.
  • From the initial /16 network, there will be a total of 16 scan jobs running against /20 networks based on the initial target.
  • The 16 scan jobs will be executed in parallel for optimal performance and return results when finished for each /20 network.
  • If you target a /16 network, you should have 16 Scanner Appliances working together (Class B = 65536 divided by 16 = 4096).

Example /20 network

  • You choose a network scan target that includes a /20 network.
  • If you run a scan on a Scanner Appliance group and the scanned network is /20 or smaller, it will be run on a single Scanner Appliance from that group - the one that is least loaded.
  • If you manually divide a /20 network into, for example, 2 /21 networks or 4 /22 networks and run these as separate scans on a Scanner Appliance group, the execution will be more efficient as the scans will be distributed between Scanner Appliances within the group.

Scan faster with more hardware resources

If you want to increase the efficiency of your large network scans, consider adding more CPU cores and RAM to each Scanner Appliance - cores are the primary factor in performance. You can also increase the scan intensity to High in the scan profile settings.

For more information, please contact our customer support.