View scanner information

  1. Sign in to the Arctic Wolf Unified Portal.
  2. In the navigation menu, click Data Collection > Scanners.
  3. Optional: Use search or filters to refine that data that displays in the table.
    For more information, see Scanner filters.
  4. Find the scanner to view, and then click View Scanner.

The scanner page opens. The header displays this information about the scanner:

  • Scanner Name — The name of the scanner.
  • Status — Displays one of these scanner statuses:
    • Connected — The scanner is connected to Arctic Wolf®.
    • Scanning — The scanner is actively scanning.
    • Idle — The scanner is waiting for its next scheduled job.
    • New — The scanner profile was recently created. New profiles are subject to review.
    • Preparing To Ship — Your hardware is being configured and will be shipped to you soon.
    • Shipped — Your hardware has shipped.
    • Awaiting Activation — The scanner is registered, but not activated.
    • Degraded — The scanner encountered an issue while scanning.
    • Disconnected — The scanner is not visible on the network.
  • Connection Status — Displays one of these connection statuses:
    • Connected — The scanner is online.
    • Disconnected — The scanner is offline.

The Scanner Information section has these details:

  • Scanner Type — The scanner type. For example, Virtual, or Physical.
  • Model — The specific scanner model.
  • Scanner Name — The name of the scanner.
    Tip: You can change an IVA scanner name. For more information, see Rename an IVA scanner.
  • Site — The site location of the scanner. Click to select or change the site location that is associated with the scanner.
  • Scanner UUID — The universally unique identifier (UUID).
  • Last Seen IP Address — The IP address that was last seen from the scanner.
  • Subnet Mask — The subnet mask of the scanner.
  • Version — The version number of the scanner.
  • Serial # — The serial number of the scanner.
  • Default Gateway — The IP address of the default gateway.
  • Deployment ID — The serial device identifier of the Arctic Wolf appliance.
  • Last Scan Completion — The date and time that the last scan completed.

The Scanner Configuration section has these details:

  • Self Scanning — Configures whether self-scanning is enabled or disabled.

    For more information, see Enable or disable self-scanning.

  • Host Identification — Configures whether host identification scans are enabled or disabled.

    For more information, see Enable host identification.

    Note:

    When host identification is disabled, vulnerability scanning is also disabled.

  • Ping Only Discovery — Configures whether the scanner only scans hosts that respond to pings.

    For more information, see Enable or disable ping only discovery.

  • Scanning Intensity Level — Configures the network or host resource intensity or verbosity of the host identification scan. Options include: High, Medium (default), or Low. This setting is not available if the scanner does not support this configuration.
    Note: A resource intensity of Low might not provide enough resources to support some scan schedules.
  • Scan Period — Configures the scan frequency of the host identification scan. If you have a small number of hosts, you can reduce bandwidth by scanning less frequently. Options include: 5 minutes (default), 30 minutes, 60 minutes, or 120 minutes. This setting is not available if the scanner does not support this configuration.
  • Vulnerability Scanning — Displays whether IVA scans are enabled or disabled.

    For more information, see Enable vulnerability scanning.

  • CGI Scanning — Configures whether common gateway interface (CGI) scans search for well-known vulnerabilities in web apps and similar software.

    For more information, see Enable or disable CGI scanning.

  • Brute Force Scanning — Configures whether the scanner checks for brute force attempts in your network.

    For more information, see Brute force scanning.

  • Maximum Concurrent Vulnerability Scans — Configures the maximum number of vulnerability scans that can run at the same time. Options include: Unlimited (max. and default) or a value between 1 and 30. This setting is not available if the scanner does not support this configuration.
    Note:
    • We recommend a configuration of Unlimited unless you want to limit concurrent scans to reduce network impact.
    • If the scanner is already scanning a peak of 6 scans concurrently, changing it from Unlimited to 20 will not increase the number of scans.
    • The Scan Queue might display a different number of hosts than this configuration because scan queues are affected by the amount of CPU that each process requires. Raising the maximum number of scans does not enforce a minimum concurrent scan value.