Cisco Cisco FirePOWER Appliance 7030
49-5
FireSIGHT System User Guide
Chapter 49 Scheduling Tasks
Automating Nmap Scans
You must have a valid email relay server configured on the Defense Center to send status messages. See
for more information about
configuring a relay host.
Step 6
Click
Save
.
The task is added. You can check the status of a running task on the Task Status page; see
.
Automating Nmap Scans
License:
FireSIGHT
You can schedule regular Nmap scans of targets on your network. Automated scans allow you to refresh
information previously supplied by an Nmap scan. Because the FireSIGHT System cannot update
Nmap-supplied data, you need to rescan periodically to keep that data up to date. You can also schedule
scans to automatically test for unidentified applications or servers on hosts in your network. See the
following sections for more information:
information previously supplied by an Nmap scan. Because the FireSIGHT System cannot update
Nmap-supplied data, you need to rescan periodically to keep that data up to date. You can also schedule
scans to automatically test for unidentified applications or servers on hosts in your network. See the
following sections for more information:
•
•
Note that a Discovery Administrator can also use an Nmap scan as a remediation. For example, when an
operating system conflict occurs on a host, that conflict may trigger an Nmap scan. Running the scan
obtains updated operating system information for the host, which resolves the conflict. For more
information, see
operating system conflict occurs on a host, that conflict may trigger an Nmap scan. Running the scan
obtains updated operating system information for the host, which resolves the conflict. For more
information, see
Preparing Your System for an Nmap Scan
License:
FireSIGHT
If you have not used the Nmap scanning capability before, you must complete several Nmap
configuration steps before defining a scheduled scan. See the following sections for more information:
configuration steps before defining a scheduled scan. See the following sections for more information:
•
provides information on setting up an Nmap server
connection profile.
•
provides information on setting up a scan target.
•
provides information on setting up a remediation
definition.
Scheduling an Nmap Scan
License:
FireSIGHT
You can schedule a scan of a host or hosts on your network using the Nmap utility.
After Nmap replaces a host’s operating system, applications, or servers detected by the system with the
results from an Nmap scan, the system no longer updates the information replaced by Nmap for the host.
Nmap-supplied service and operating system data remains static until you run another Nmap scan. If you
plan to scan a host using Nmap, you may want to set up regularly scheduled scans to keep Nmap-supplied
results from an Nmap scan, the system no longer updates the information replaced by Nmap for the host.
Nmap-supplied service and operating system data remains static until you run another Nmap scan. If you
plan to scan a host using Nmap, you may want to set up regularly scheduled scans to keep Nmap-supplied