3 Replies Latest reply on Jun 25, 2015 5:20 PM by mlambert

    Where can I find best practices for patch scaning

    Rookie

      Looking for some documentation on speeding up the vulscan process.  We are currently scanning for approx 24000 vulnerabilities and the process takes a couple hours.

        • 1. Re: Where can I find best practices for patch scaning
          mlambert Apprentice

          The first thing you want to do is shorten that list up.  Make sure you are disabling rules and definitions that have been superseded by other patches. Disable Rules.png
          This will reduce the total number of rules any specific device scans for. 

           

          We are doing doing this on the back end with SQL so we don't have to worry about it but you can just put this into your patch plan to keep on top of it.

          1 of 1 people found this helpful
          • 2. Re: Where can I find best practices for patch scaning
            Rookie

            Thank you very much!  So how often should this be run?  Once a month?  Also, do we then need to go to the patch directory and clean up downloaded files manually?

            • 3. Re: Where can I find best practices for patch scaning
              mlambert Apprentice

              If you want to clean up the downloaded files, go to the "Download Updates" interface and under the "Patch Location" tab, there are a couple check boxes for "Patch Cleanup".  We delete patches for any Do Not Scan or Unassigned definitions and also for undetected rules published in the last 180 days.  Rebuild a scheduled task for you patch downloads to make sure it uses those settings and then it will go get rid of unnecessary binaries every time the system checks for new definitions.