USM Anywhere provides a simple way to include scans for scheduling using its web user interface (UI). See USM Anywhere Scheduler for more information.
To schedule an asset scan job from the asset details window
- Go to Environment > Assets.
- Next to the asset name that you want to include in an asset scan,
click the icon and select Full Details.
- Select Actions > Schedule Scan Job.
The Schedule New Job dialog box opens.
- Enter a name for identifying the job.
- (Optional.) Enter a description.
- In the Action Type field, select Asset Scanner.
- Select a sensor in case you have more than one installed.
- In the App Action field, Scan is the default option. This option discovers services, operating systemsSoftware that manages computer hardware resources and provides common services for computer programs. Examples include Microsoft Windows, Macintosh OS X, UNIX, and Linux., hostnamesA hostname is a label that is assigned to a device connected to a computer network and is used to identify the device on the network., IP and MAC addressesA unique numeric value assigned by the manufacturer to identify a specific network device or computer, which allows communication over networks. Note that a device’s MAC address can be manipulated., and vulnerabilities of known hostsReference to a computer on a network..
- The Asset field displays the name of the asset to scan. You can't modify this field.
Select the scan profile that you want to run:
- Discovery: This profile scans the known ports and services searching for the most-used ports. (There are 457 ports).
- Complete: This profile scans all TCP and UDPSimple transmission protocol that does not require recipient notification and uses datagrams for its messaging. UDP is part of the transport layer in the TCP/IP protocol. ports to find the possible ports in a deploymentEntire process involved in installation, configuration, startup, and testing of hardware and software in a specific environment.. (There are 65535 ports).
- Vulnerability Discovery: Performs general network discovery and checks for specific known vulnerabilities. It only reports results if they are found.
- Extended Vulnerability Discovery: Performs a VulnerabilityA known issue or weakness in a system, procedure, internal control, software package, or hardware that could be used to compromise security. Discovery scan, which actively discovers more about the network.
- Intensive Vulnerability Discovery: Performs several tasks to discover vulnerabilities, which uses up a significant amount of resources on the targeted machine. Because of this, sensitive targets may perceive a brief disruption on their services.
Select Set Debug Mode if you want to log the results of the scan or if you have a problem with a scan.
This option is disabled by default.
Note: Keep in mind that the Set Debug Mode option must be used only for debugging purposes because it needs a large amount of disk space for the file or files that it generates. Only AT&T Cybersecurity Technical Support should review these files. You can contact this department for more information.
In the Schedule section, specify when USM Anywhere runs the job:
- Select the increment as Minute, Hour, Day, Week, Month, or Year.
Set the interval options for the increment.
The selected increment determines the available options. For example, on a weekly increment you can select the days of the week to run the job.
Or on a monthly increment you can specify a date or a day of the week that occurs within the month.
Set the Start time.
This is the time that the job starts at the specified interval. It uses the time zone configured for your USM Anywhere instance (default is Coordinated Universal Time [UTC]).
Important: USM Anywhere restarts the schedule on the first day of the month when tasks are configured to be executed with the option "Every x days".
- Click Save.
Depending on the USM Anywhere Sensor that you have installed, this field can include different options.
The job now displays in the job scheduler list.
Note: See USM Anywhere Scheduler for more information.