Up
Previous Next

Sheriff CSM™

Changing Other Vulnerability Scanner Options

You can modify the default vulnerability scanner settings to optimize the scanner for your environment. For example, you can change the default port number (9390) for the vulnerability scanner if this port is already in use.

To change the vulnerability scanner configuration

1. Go to Configuration > Administration > Main.

2. Click Vulnerability Scanner to display the fields underneath.

   

3. Change any of the fields as needed.

   Field descriptions for the Sheriff Vulnerability Scanner

   Field	Description
   Scanner host	Type an IP that identifies the host (only for non-distributed scans)
   Enable Pre-Scan locally	Only performs the pre-scan if the Sheriff CSM Sensor (Deputy) is local, such as in a Sheriff CSM All-in-One.
   Vulnerability Ticket threshold	Choose a value between Info, Low, Medium, High and Disabled. See Changing the Vulnerability Ticket Threshold for details.

4. Click Update Configuration.

By default, Sheriff CSM can run five vulnerability scans simultaneously per Sheriff CSM Sensor. If you configure a new scan job when there are already 5 scans running on the same Sheriff CSM Sensor, Sheriff CSM delays the job to for 15 minutes. Should the Sheriff CSM Sensor has not finished scanning at that time, Sheriff CSM delays the job for another 15 minutes, until the Sheriff CSM Sensor is available to start the new scan.

To lower the maximum number of simultaneous scans

1. Go to Configuration > Deployment > Components > Sensors.

2. Double-click the Sheriff CSM Sensor you want to change.

   The configuration options for the Sheriff CSM Sensor display.

   

3. Drag the bar to adjust a value between 1 to 5.

4. Click Update.