Scanning
Open Ports
Select a port list to be used when the Vulnerability ProtectionDeep Security Manager performs a port scan on discovered computers. (The port lists in the drop-down list are the same ones defined in the Port Lists page in the Shared section.)
Recommendations
Periodically, the Agents can scan their computer for common applications and then make rule recommendations based on what is detected. This setting sets the interval between scans on computers that have been configured to allow them.
This setting is not the same as a Scheduled Task to perform Recommendation Scans. If you wish to regularly scan for Recommendations, you should select this option or create a Scheduled Task (
Administration > Scheduled Tasks), but not both. For more information on Scheduled Tasks, see
Scheduled Tasks.
Virtual Appliance Scans (Policy editor only)
The Virtual Appliance has various settings that can significantly improve the efficiency of security scans in large virtual machine environments where Agentless protection has been implemented.
- Max Concurrent Scans: Scan requests are queued by the Virtual Appliance and carried out in the order in which they arrive. However, the Virtual Appliance is capable of carrying out concurrent scans on multiple VMs. The recommended number of concurrent scans is five. Beyond 10, the performance of the Virtual Appliance may begin to decline. This setting applies to Manual/Scheduled scans.
- Max On-Demand Malware Scan Cache Entries: This determines, for Manual (on-demand) Malware Scans, the maximum number of records that identify and describe a file or other type of scannable content to keep. One million entries will use approximately 100MB of memory.
- Max Real Time Malware Scan Cache Entries: This determines, for Real-Time Malware Scans, the maximum number of records that identify and describe a file or other type of scannable content to keep. One million entries will use approximately 100MB of memory.
- Max Integrity Monitoring Scan Cache Entries: This determines, for Integrity Monitoring, the maximum number of entities included in the baseline data for Integrity Monitoring. Two hundred thousand entities will use approximately 100MB of memory.