I was wondering if my console would go down if i scan my console for vulnerabilities. I do scan my scan engines but haven’t tried to scan my scan engines. I have distributed scan engine layout, its always using the console so I second-guessed myself putting it on schedule?
Are you using an appliance image provided by Rapid7 or a host that was built by your infrastructure team?
We opted to go with a Windows Server with the software application. We’ve scanned ours pretty regularly without any noticeable consequences. Option B would be to install an agent if you had admin control of the system to do so.
We use linux VM built by my infrastructure team. I forget about the agent…hmmm…
Should be fine. The scans are pretty lightweight. As long as you have the credential to perform the scan, it should return fairly quickly without noticeable impact.
Thank you I am going to try it.
many customers include the console and the scan engines itself in their scans and it is also OK to install the agent on it.
Pushing the agent to your assets to perform the scan locally in some cases causes less interruption for mission critical systems. This way you are getting continuous data collection every six hours, and can view your vulnerabilities and, remediation velocity. It is a win-win.