|Applies to Product:||USM Appliance™||AlienVault OSSIM®|
You can modify the default vulnerability scanner settings to optimize the scanner for your environment. For example, you can change the default port number (9390) for the vulnerability scanner if this port is already in use.
To change the vulnerability scanner configuration
- Go to Configuration > Administration > Main.
Click Vulnerability Scanner to display the fields underneath.
Change any of the fields as needed.
Field descriptions for the AlienVault Vulnerability Scanner
The IP address that identifies the host (only for non-distributed scans)
Enable Pre-Scan locally
Only performs the pre-scan if the USM Appliance Sensor is local, such as in a USM Appliance All-in-One. The default value is No.
Vulnerability Ticket threshold
Choose a value between Info, Low, Medium, High and Disabled. The default value is Low. See Changing the Vulnerability Ticket Threshold for details.
Close tickets automatically When enabled, tickets related to vulnerabilities will be automatically closed if the vulnerabilities found in the previous scans are not present in the latest scan.
- Click Update Configuration.
By default, USM Appliance can run five vulnerability scans simultaneously per USM Appliance Sensor. If you configure a new scan job when there are already 5 scans running on the same USM Appliance Sensor, USM Appliance delays the job to for 15 minutes. Should the USM Appliance Sensor has not finished scanning at that time, USM Appliance delays the job for another 15 minutes, until the USM Appliance Sensor is available to start the new scan.
To lower the maximum number of simultaneous scans