Applies to Product:

USM Appliance™

AlienVault OSSIM®

You can modify the default vulnerability scanner settings to optimize the scanner for your environment. For example, you can change the default port number (9390) for the vulnerability scanner if this port is already in use.

To change the vulnerability scanner configuration

1. Go to Configuration > Administration > Main.

2. Click Vulnerability Scanner to display the fields underneath.

   

3. Change any of the fields as needed.

   Field descriptions for the AlienVault Vulnerability Scanner

   Field	Description
   Scanner Login	Type a login for the scanner.
   Scanner Password	Type a password to access the scanner.
   Scanner host	Type an IP that identifies the host (only for non-distributed scans)
   Scanner port	The default port is 9390.
   Enable Pre-Scan locally	Only performs the pre-scan if the USM Appliance Sensor is local, such as in a USM Appliance All-in-One.
   Vulnerability Ticket threshold	Choose a value between Info, Low, Medium, High and Disabled. See Changing the Vulnerability Ticket Threshold for details.

4. Click Update Configuration.

By default, USM Appliance can run five vulnerability scans simultaneously per USM Appliance Sensor. If you configure a new scan job when there are already 5 scans running on the same USM Appliance Sensor, USM Appliance delays the job to for 15 minutes. Should the USM Appliance Sensor has not finished scanning at that time, USM Appliance delays the job for another 15 minutes, until the USM Appliance Sensor is available to start the new scan.

To lower the maximum number of simultaneous scans

1. Go to Configuration > Deployment > Components > Sensors.

2. Double-click the USM Appliance Sensor you want to change.

   The configuration options for the USM Appliance Sensor display.

   

3. Drag the bar to adjust a value between 1 to 5.

4. Click Update.