Scan Engines
- Share
- Issue Time
- May 29,2023
Summary
Scan Engines
Scan Engines are the workhorses of the scanning process and operate solely at the discretion of the Security Console. They are responsible for discovering assets during a scan, checking them for vulnerabilities, and assessing their level of policy compliance (if your selected scan template is configured to do so). Although Scan Engines serve as data collectors, they only temporarily store this data on their respective host machines.
Scan Engines
Scan Engines are the workhorses of the scanning process and operate solely at the discretion of the Security Console. They are responsible for discovering assets during a scan, checking them for vulnerabilities, and assessing their level of policy compliance (if your selected scan template is configured to do so). Although Scan Engines serve as data collectors, they only temporarily store this data on their respective host machines. Instead, the Security Console integrates Scan Engine data into the PostgreSQL database for you to see and report on. This is why Scan Engine host machine storage requirements are far lower than what the Security Console requires.
Scan Engine Types
The Security Console can use multiple Scan Engines of various types that are designed to meet the configuration needs and scanning demands of your network.
Local Scan Engine
All installations of the Security Console include a local Scan Engine so that you can start scanning immediately after your initial deployment. While convenient, the local Scan Engine is best suited for very small scale deployments and trial experiences of the product.
Distributed Scan Engine
Distributed Scan Engines are the most widely used engine type and are essential for any production scanning deployment. Unlike the local variety, you install distributed Scan Engines on separate host machines from the console itself. As a result, they can make use of more processing resources for scanning tasks and you can efficiently distribute them depending on the geographic spread of your assets. You can also configure each distributed Scan Engine to communicate with the Security Console in a way that accommodates the presence of any firewalls on your network.
External Scanning Service
If you rather not deploy a Scan Engine on your own resources, Rapid7 offers access to Scan Engines provisioned through our External Scanning Service that are dedicated to your organization. These external Scan Engines are also useful for determining what attackers can see on your external assets that are accessible to the internet.
If you have any question on scan energine , please feel free to contact us.