The scan details show the progress of different processing during a scan. The following information describes the different scan detail information.
Some scan types perform assessment but do not scan for vulnerabilities. These scans show less information in the Discovery and Assessment sections. The Vulnerabilities by Risk pie chart is grayed out. These scan types include the Baseline Policy scan, XCCDF Benchmark scan, and McAfee Policy Auditor Data Collection scan.
Scan Status page Scan detail description
Detail Description
Scan Timeline Shows the progress of the current scan using a green
bar. The bar is orange if the actual scan time is significantly longer than the estimated duration.
The scan timeline does not appear the first time you run a scan. The scan timeline appears after the first
successful completion of the scan.
Estimated
Duration Shows the estimated time the scan should take to complete, based on the completion history of the scan.
The estimated duration does not appear the first time you run a scan. The estimated duration only appears after the first successful completion of the scan.
The estimated duration works best when the scan configuration remains consistent (like the number of hosts being scanned and the vulnerabilities). Modifying
Previous Duration Shows the duration of the last time the scan completed.
Scans that were canceled or failed are not taken into consideration.
Start Displays the date and time the scan started. End Displays the date and time the scan ended.
Duration Displays the amount of time (hh:mm:ss) between when a
scan started and when it ended.
The scan start time is obtained from the scan engine and the end time is obtained from the API server. If the scan engine and the API server are on different servers and the server clocks are not synchronized, you get an inaccurate scan time.
Engine Displays the scan engine used during the scan. Discovery Shows the progress and details about the discovery
portion of the scan.
Hosts found – Number of hosts found compared to
the number of possible hosts. Possible hosts include all IP addresses in an IP range, even if the IP address is not being used by a host.
Network saturation – Percentage of discovered hosts
compared to the number of potential hosts.
Services found – Total number of services found on all
hosts discovered by the scan.
Average services per host – Total number of services
divided by the total number of discovered hosts. Discovery batches completed – Number of discovery
batches completed compared to the total number of discovery batches.
Successful login(s) – Number of hosts the scan could
successfully log on to based on the credentials or credential set included in the scan configuration.
McAfee Vulnerability Manager 7.5 Product Guide 55
Detail Description
Discovered Operating Systems
Shows the five operating systems with the highest number of discovered hosts and the number of hosts running other operating systems (Other Operating
Systems).
Hovering over a pie slice displays the number of hosts found with that operating system. Clicking on the pie chart displays a list of all operating systems and the number of hosts in each.
Assessment Shows the progress and details about the assessment
portion of the scan.
Hosts assessed – Number of hosts assessed
compared to the number of hosts discovered. Hosts not assessed – Number of hosts not assessed
by the scan. This includes hosts that were partially assessed, like an assessment timing out when the maximum amount of time allowed to scan a single host is reached.
Vulnerabilities found – Total number of vulnerabilities
found on all hosts assessed by the scan. Average vulns per host – Total number of
vulnerabilities divided by the total number of assessed hosts.
Assessment batches completed – Number of
assessment batches completed compared to the total number of assessment batches.
Vulnerabilities by
Risk Shows the high, medium, low, and informational vulnerabilities found as a pie chart. Hovering over a
section of the pie chart shows the number of vulnerabilities discovered for that risk level.
Post Processing Shows the progress of the post processing for the scan.
Post processing begins after assessment is complete. Post processing includes updating asset data, computing data (like FoundScore), and adding the report to the queue for generating the scan report.
Logs Shows the last five log messages for the scan. The logs
are updated at regular intervals.
This information comes from the scan engine. If the scan controller is on the same server as the scan engine, the scan controller log messages should display.
These messages are provided to show the scan is still active. Some scan processes, like batch processing, can take a long time to complete, and during that time, the scan might appear to be stuck. The log messages shows if the scan is still active by updating every 10 seconds. If the messages do not change for a long time, the scan might be stuck.
Scan Status page
Detail Description
Errors If one or more errors occur during a scan, an error link is
available on the Scan Details page. Click the errors link to view a list of errors.
This information comes from the scan engine. If the scan controller is on the same server as the scan engine, the scan controller error links should display.
There are scan events that are logged as errors that do not negatively impact the scan. McAfee recommends only viewing the error messages if your scan fails, with the help of technical support.
For recovered scans, the error count might be inaccurate, depending on how much work must be redone to recover the scan. Scan recovery occurs when a scan engine is restarted during a scan.
Note: Organization administrators, workgroup administrators, and the global administrator can view scan errors.