Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Are VA scans normally done on servers zones/subnets only or includes users & Management zone?

Posted on 2016-10-09
4
Medium Priority
?
165 Views
Last Modified: 2016-10-24
What's the best practice out there?  Only scan server zones ie
DMZ, App server (internal) zone & DB zone?

What about servers' Management zone & PCs/users zones?

Can I say the reasons PCs /users subnets are not being scanned
because these are of low critical devices and to scan them will
take days (we have 2800 PCs) ?
0
Comment
Question by:sunhux
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 17

Assisted Solution

by:OriNetworks
OriNetworks earned 600 total points
ID: 41835926
Scan EVERYTHING! The weakest link in the chain motto fits in well here.
0
 

Author Comment

by:sunhux
ID: 41837022
in our headquarter, there are 30000 PCs  (& 1200 servers) : I can't imagine scanning
30000 PCs/laptops considering nowadays the PCs have the sizing with similar number
of files/services as servers
0
 
LVL 62

Accepted Solution

by:
gheist earned 1400 total points
ID: 41845803
Your question is a little vague.

for scanning 30000 hosts probably best is to select random sub-sample for first scan, eliminate defects found on all 30000 hosts, extend sample, rinse, repeat and so on until comfortable.

We have scanner hooked to AD logs, so that long-absent laptops are attacked with all remedy tools possible, and we scan 100 random out of 5000 hosts with patch scanner and all powered on-hosts with network-only scanner during weekends after "Patch Tuesday". That way we scan all servers and all workstations that pretend to be servers.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware, the malware that locks down its victim’s files until they pay up, has always been a frustrating issue to deal with. However, a recent mobile ransomware will make the issue a little more personal… by sharing the victim’s mobile browsing h…
This article covers the basics of data encryption, what it is, how it works, and why it's important. If you've ever wondered what goes on when you "encrypt" data, you can look here to build a good foundation for your personal learning.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question