- play_arrow What's New for Users in JSA Vulnerability Manager 7.4.0
- play_arrow Installations and Deployments
- Installations and Deployments
- Vulnerability Backup and Recovery
- Ports Used for Communication Between JSA and JSA Vulnerability Manager Managed Hosts
- Options for Moving the Vulnerability Processor in Your JSA Vulnerability Manager Deployment
- Options for Adding Scanners to Your JSA Vulnerability Manager Deployment
- JSA Vulnerability Manager High-availability Scans
- Extending the JSA Vulnerability Manager Temporary License Period
- JSA Vulnerability Manager High-availability Scans
- play_arrow Overview Of JSA Vulnerability Manager
- play_arrow Vulnerability Scanning Strategy and Best Practices
- Vulnerability Scanning Strategy and Best Practices
- Scan Policy Types
- Scan Duration and Ports Scanning
- Tune Your Asset Discovery Configuration
- Tune Your Asset Discovery Performance
- Web Application Scanning
- Scanner Placement in Your Network
- Dynamic Scanning
- Network Bandwidth for Simultaneous Asset Scans
- Network Interface Cards on Scanners
- Vulnerability Management for Asset Owners
- Vulnerability Scan Notifications
- Triggering Scans of New Assets
- Configuring Environmental Risk for an Asset
- External Scanning FAQs
- play_arrow False Positives Management
- play_arrow Authenticated Patch Scans
- play_arrow Scanning on Windows-based Assets
- Scanning on Windows-based Assets
- Configuring an Authenticated Scan Of the Windows Operating System
- Remote Registry
- Enabling Remote Registry Access to Assets on the Windows Operating System
- Assigning Minimum Remote Registry Permissions
- Configuring WMI
- Setting Minimum DCOM Permissions
- Setting DCOM Remote Access Permissions
- Administrative Shares
- Enabling Administrative Shares
- Disabling Administrative Shares
- Manually Configuring NTLMv2 Authentication to Prevent Scan Failures
- play_arrow Vulnerability Exception Rules
- play_arrow Scan Investigations
- Scan Investigations
- Searching Scan Results
- Including Column Headings in Asset Searches
- Managing Scan Results
- Republishing Scan Results
- Asset Risk Levels and Vulnerability Categories
- Asset, Vulnerability, and Open Services Data
- Viewing the Status Of Asset Patch Downloads
- Vulnerability Risk and PCI Severity
- Troubleshooting Scan Issues
- Emailing Asset Owners When Vulnerability Scans Start and Stop
- play_arrow Management Of Your Vulnerabilities
- Management Of Your Vulnerabilities
- Common Vulnerability Scoring System (CVSS)
- Investigating Vulnerability Risk Scores
- Custom Risk Classification
- Searching Vulnerability Data
- Vulnerability Instances
- Network Vulnerabilities
- Asset Vulnerabilities
- Open Service Vulnerabilities
- Investigating the History Of a Vulnerability
- Reducing the Number Of False Positive Vulnerabilities
- Investigating High Risk Assets and Vulnerabilities
- Prioritizing High Risk Vulnerabilities by Applying Risk Policies
- Configuring Custom Display Colors for Risk Scores
- Identifying the Patch Status Of Your Vulnerabilities
- Removing Unwanted Vulnerability Data
- Configuring Vulnerability Data Retention Periods
- play_arrow Vulnerability Remediation
- play_arrow Vulnerability Reports
- play_arrow Scanning New Assets That Communicate with the Internet
- Scanning New Assets That Communicate with the Internet
- Creating an Asset Saved Search for New Assets
- Creating an On-demand Scan Profile
- Creating a Policy Monitor Question to Test for Internet Communication
- Monitoring Communication Between New Assets and the Internet
- Configuring an Offense Rule to Trigger a Scan
- play_arrow Security Software Integrations
- play_arrow IBM Security SiteProtector Integration
- play_arrow Vulnerability Research, News, and Advisories
- play_arrow JSA Vulnerability Manager Engine for OpenVAS Vulnerability Tests
Configuring a Permitted Scan Interval
In JSA Vulnerability Manager, you can create an operational window to specify the times that a scan can run.
You must have the correct license capabilities to perform the following scanning operations. If you need assistance to obtain a new or updated license key, contact your Juniper Customer Support.
If a scan does not complete within the operational window, it is paused and continues when the operational window reopens. To configure an operational window:
Click the Vulnerabilities tab.
In the navigation pane, click Administrative >Operational Window.
On the toolbar, click Actions >Add.
Enter a name for the operational window in the Name field.
Choose an operational window schedule from the Schedule list.
Optional: Select the times when scanning is permitted.
Optional: Select your timezone.
If you selected Weekly from the Schedule list, then click the desired days of the week check boxes in the Weekly area.
If you selected Monthly from the Schedule list, then select a day from the Day of the month list.
Click Save.
Operational windows can be associated with scan profiles by using the When To Scan tab on the Scan Profile Configuration page.
If you assign two overlapping operational windows to a scan profile, the scan profile runs from the beginning of the earliest operational window to the end of the later operational window. For example, if you configure two daily operational windows for the periods 1 a.m. to 6 a.m. and 5 a.m. to 9 a.m., the scan runs between 1 a.m. and 9 a.m.
For operational windows that do not overlap, the scan starts from the earliest operational window and pauses if there's a gap between the operational windows, and then resumes at the beginning of the next operational window.
Scanning During Permitted Times
In JSA Vulnerability Manager, you can schedule a scan of your network assets at permitted times, by using an operational window.
If you are applying the operational window to an authenticated patch scan, set the minimum window to 4 hours.
Click the Vulnerabilities tab.
In the navigation pane, select Administrative >Operational Window.
On the toolbar, select Actions >Add.
Type a name for your operational window, configure a permitted time interval and click Save.
In the navigation pane, select Administrative >Scan Profiles.
On the toolbar, click Add.
When you create a scan profile, the only mandatory fields are Name and IP Addresses on the Details tab of the Scan Profile Configuration page. To configure scanning during permitted times, you must also follow the remaining steps in this procedure.
Click the When To Scan tab.
In the Run Schedule list, select Daily.
In the Start Time fields, type or select the date and time that you want your scan to run each day.
In the Operational Windows pane, select your operational window from the list and click (>).
Click Save.
Managing Operational Windows
In JSA Vulnerability Manager, you can edit, delete, and print operational windows.
You can edit an operational window while it is associated with a scan profile.
Click the Vulnerabilities tab.
In the navigation pane, select Administrative >Operational Window.
Select the operational window that you want to edit.
On the toolbar, select an option from the Actions menu.
Follow the instructions in the user interface.
Note:You cannot delete an operational window that is associated with a scan profile. You must first disconnect the operational window from the scan profile.
Disconnecting an Operational Window
If you want to delete an operational window that is associated with a scan profile, you must disconnect the operational window from the scan profile.
Click the Vulnerabilities tab.
In the navigation pane, select Administrative >Scan Profiles.
Select the scan profile that you want to edit.
On the toolbar, click Edit.
Click the When To Scan pane.
Select the relevant option from the Run Schedule list as required.
In the Name field, select the operational window that you want to disconnect and click (<).
Click Save.
