Scans Setup

Go to Scans > Setup to see global setup options related to scanning.

Some options may not be available, depending on your service level and subscription settings.


View the storage settings for scan/map results, as defined for your account, and change if you want.

Excluded Hosts

Hosts added to the excluded hosts list will never be scanned by the service, even if included in the scan target by a user.

Dissolvable Agent

A Manager user must accept the Dissolvable Agent (Agent) in order to perform certain types of security scans. Learn more

PCI Account Links

To share PCI scans with your PCI Merchant accounts, you must create links to those accounts. Go to the PCI Account Links Setup page to manage your PCI account links.

Scheduled Scans

The Manager primary contact has the option to prevent the service from starting a new scheduled scan when there's an instance of it running or paused. Also the Manager primary contact has the option to allow users to configure a scheduled scan to relaunch once a scan instance finishes. This supports continuous scanning.

Schedules Data List Setup

If the Schedules data list (under Scans > Schedules) takes too long to load, then a Manager user can use this option to display a filtered view of the list when it is first loaded. The Manager can choose to display all schedules, only active schedules, only VM scan schedules, or only map schedules when the list is first loaded. The corresponding filter on the data list will be selected by default. Users can then change the filter or perform a search to see additional schedules. (Supported for vulnerability scans and maps only.)

Scanner Trusted CA

The Manager primary contact has the option to accept this feature allowing Managers to create a list of private certificate authorities for use by the scanner. Learn more

DNS Tracking

The Manager primary contact has the option to automatically change the tracking method from IP to DNS for hosts when a valid DNS hostname is detected at scan time. This applies only when scans are launched by DNS hostname. Learn more

Syslog Forwarding

A Manager user has the option to enable this feature to have scan related syslog messages (/var/log/messages syslog stream) forwarded from scanner appliances to a remote syslog server. Once enabled, syslog forwarding is on for all scanner appliances (virtual and physical) currently in the subscription and for new scanners that get added later. Learn more

Max Scan Duration per Asset

A Manager user has the option to enable this feature to allow users to set a maximum scan duration per asset in their option profiles. This determines how long a scan can run on a single asset. If the scan of an asset exceeds the duration specified in the option profile, then the scan on the asset will be aborted and the scan job will continue to the next target. (Supported for vulnerability scans only.) Learn more