Scans Settings

 

• Overview

• Access Scan Settings

• Manage Scan Settings

• Manage Agents Settings

• Manage Remediation Settings

• Manage Updates Settings

• Manage Notifications Settings

• Manage a Custom Notification

  • Create a New Template

• Manage Data Retention Settings

 

Overview

Scans Settings is where you manage your settings for:

• Scan Item Number and Load

• Target Preferences

• Remediation Settings

• Policy and Application Updates

• Notifications and Custom Notifications

• Data Retention

  Note: Settings changes are immediate upon entering data into a field.
  You may wish to retain a copy of the original settings when making updates if you need to revert back to the previous settings.

 

Access Scan Settings

To access the Scan Settings screen, use the following steps:

 

1. From the left menu, click Settings.
   
   
   

2. Click Application Settings.
   
   

3. To view sections in the Scans Settings:

   1. Click a down arrow to expand a section.
      
      

   2. Click an up arrow to collapse a section.
      
      

 

Manage Scan Settings

To manage Scan Settings, use the following steps:

1. Click the down arrow to expand the section.
   
   

2. Fill in the following settings:

   1. Minimum Load When Using Distributed Scanning (MB): Type a minimum scans number in megabytes.

   2. Minimum Number of Items When Using Distributed Scanning: Type a minimum number of items to use.
      
      

   3. Maximum Load When Using Distributed Scanning (MB): Type a maximum scans number in megabytes.

   4. Maximum Number of Items When Using Distributed Scanning: Type a maximum number of items to use.
      
      

      Note: If a distributed scan is not completing when run against a very large data set, you will need to set the thresholds to a minimum of 5 MB and a maximum of 10 MB and run the scan again.
      
      Contact your Customer Success Manager if you have any questions.

Manage Agents Settings

To manage Agents settings:

 

1. Click the down arrow to expand the section.
   
   

2. Agent Search Progress Update Intervals: Type an interval setting.
3. Keep Agent Activity State History: Select, if applicable.
4. Automatically Merge Agents Based on: Select all applicable:
   1. Disable
   2. Hostname
   3. Mac Address
   4. IP Address
   5. All
5. Inherit Permissions on Targets from Filter/IP Tags: Select, if applicable.

Manage Remediation Settings

To manage Remediation settings, use the following steps:

1. Click the down arrow to expand the section.
2. Synchronize Classification Changes With Targets: Select, if applicable.
   
   

3. Classification Overlay Shape: Select an option from the drop-down list.
   
   

4. Use This Algorithm When Creating File Hashes: Select an option from the drop-down list.
5. Linux Quarantine File Path: Type the Linux location to quarantine the files.
6. Mac Quarantine File Path: Type the Mac location to quarantine the files.
7. Windows Quarantine File Path: Type the Microsoft windows location to quarantine the files.
   
   

8. Leave Behind Warning Text Content: Type a text message that displays on files specifying the reason of quarantine.
9. Redact Character Replacement: Type the character you want to use instead of the actual text for redacted information.
10. Redact all but Last 4: Select, if applicable.
    
    

    Note: The format of a default quarantine location is <path>, <admin account> where path is useraccount@domain.com of a cloud location and admin account (optional) is the administrative account to quarantine files.
    
    For example, the Google Drive quarantine file path can be john.doe@spirion.com/Quarantine.
    
    Global quarantine configurations for cloud locations are mostly done with the admin accounts.
    Also, global configurations can be overridden by Playbook quarantine locations.

11. Amazon S3 Quarantine File Path:Type the Amazon S3 location to quarantine the files.
    
    
12. Box Folder Quarantine File Path: Type one or more box locations to quarantine the files.
    
    
13. Dropbox Quarantine File Path: Type one or more Dropbox locations to quarantine the files.
    
    
14. Microsoft OneDrive Quarantine File Path: Type one or more Microsoft OneDrive locations to quarantine the files.

    Note: To quarantine files to Microsoft OneDrive, the entire location path must be written in lowercase.

    

15. Google Drive Quarantine File Path: Type the Google Drive location to quarantine the files.
    
    

16. SharePoint Quarantine File Path: Type the SharePoint location to quarantine the files.
    
    

17. Bitbucket Quarantine File Path: Type the Bitbucket location to quarantine the files.
    
    
18. In the Manage Protection (Authenticated) section:
    1. Click Manage.
    2. The Manage Protection window opens.
       
       
       
       
19. In the Manage Protection window, enter these settings:
    1. Admin User Account Name: Type your admin user account name and click Authenticate.
    2. Authentication Code: Type your authentication code provided from the authentication above in the box.
    3. Client ID: (Optional) Type your unique client ID to be used for authentication.
    4. Client Secret: (Optional) Type your unique client secret to be used for authentication.
    5. Tenant ID: (Optional) Type your tenant ID to be used by the authenticating server.
20. Click Save to save or Cancel to discard.

Note: If you enter value in any of the optional fields, it is mandatory to add values in the other optional fields as well.

21. In the Manage Label (Authenticated) section, do the following:
    1. Click Manage.
       
       

22. In the Manage Label pop-up window, fill in the following:
    1. Admin User Account Name: Type your admin user account name and click Authenticate.
    2. Authentication Code: Type your authentication code provided from the authentication above in the box.
    3. Client ID: Type your unique client ID to be used for authentication.
    4. Client Secret: Type your unique client secret to be used for authentication.
    5. Tenant ID: Type your tenant ID to be used by the authenticating server.
23. Click Save to save or Cancel to discard.
    
    

Manage Updates Settings

Use the following steps to manage your Updates Settings:

1. Click the down arrow to expand the section.
2. Check This URL for Policy Definitions Updates: Type the URL that hosts your Policy Definitions.
3. Automatically Check for Updates When Resources Page is Loaded for the First Time: Select, if applicable.
   
   

4. Check This URL for Application Updates: Type the URL that hosts your Application Updates.

Manage Notifications Settings

To manage Notifications Settings:

1. On the left of the Notifications row, click the down arrow to expand the section.
   
   

2. In the Purge Notifications section, select an option from the "Purge Dismissed Notification After" drop-down list.
   
   
   
   

3. In the Custom Notification section, you can manage existing custom notifications or create new ones.

Manage a Custom Notification

To manage custom notifications, use the following steps:

1. Locate a template in the list.
2. Use the toggle to change the deployed status.
   
   

3. To manage a template, click the more options menu.
   
   

4. Click Manage.
   
   

5. In the Manage Custom Notification pop-up window, make needed changes.
   
   

6. Click Update to save updates, Cancel to discard updates, or Delete to delete the template.

Note: If you click Delete button, it will immediately delete the template and there is no undo feature.

Create a New Template

1. In the Custom Notifications section, click New Template.
   
   
2. In the Create Custom Notification pop-up window, fill in the following:
   1. Name: Type the template name.
   2. Subject: Type a description of the template subject.
   3. Active: Use the toggle to change the Active status.
      
      
3. Body: Use the text editor to compose the body of the template.
   1. Use the toolbar to format the text and paragraphs, and to insert code and variables as needed.
      
      
4. Click Save to save the template or Cancel to discard.

Manage Data Retention Settings

To manage your Data Retention settings, fill in the following fields:

• Audit Data Retention:
  • Set the number of years to retain data.
  • A minimum of five years is required.
• Gather Data Retention:
  • Set the number of days to gather data.
  • This number must be between 1 and 30 days.
• Scan Results Retention:
  • Set the number of months to retain scan results.
  • This number must be between 1 and 12 months.
• Event History - Watcher:
  • Set the number months for the Watcher Event History, if applicable.
• Activity History:
  • Set the number to set the number of months in the Incident History.
  • A minimum of 12 months is required.
• Search History
  • Set the number of months to retain the history of scanned locations when using Differential Scan.
  • After this set number of months, search history data is purged (deleted).
  • This number must be between 1 and 12 months.