Identify Hosts To Assess

During configuration, confirm device locations on the network, and develop a deployment strategy that will not adversely affect business workflow.

TIP: A good rule of thumb is: number of employees * 1.25 = number of hosts.

RNA Host Capacity

  • Virtual = 5,000 hosts per RNA

Define Scanning Schedule

Scan completion time is dependent on frequency and time factors. It is advisable to spread network scans as much as possible within the desired total network completion period. Schedule scans to minimize interference with business practices. Most clients successfully configure scans to start in the early morning hours and complete before the workday starts. Scans will typically process 30-40 hosts per hour depending on the number and type of hosts being scanned. Large numbers of servers will significantly decrease scan speed.

Scan Frequency

  1. Monthly scans for the total network are recommended, with more frequent scanning of critical assets.
  2. Increasing scan frequency may require additional RNAs.

Simultaneous Scanning

  • Determine total scan completion criteria when configuring simultaneous scans.
  • Increasing levels of simultaneous scanning decreases scan time, but may require additional RNAs.
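
The sizing figures above (employees * 1.25, 5,000 hosts per virtual RNA, 30-40 hosts per hour) can be combined into a quick planning check. This is an added example, not Fortra code; the window length, the number of scan nights, and the linear scaling of throughput with simultaneous scans are assumptions.

```python
import math
from dataclasses import dataclass

# Figures taken from the page.
HOSTS_PER_EMPLOYEE = 1.25       # rule of thumb: employees * 1.25 = hosts
VIRTUAL_RNA_CAPACITY = 5000     # hosts per virtual RNA
SLOW_RATE, FAST_RATE = 30, 40   # typical hosts scanned per hour

@dataclass
class ScanPlan:
    hosts: int                  # estimated hosts to assess
    rnas_for_capacity: int      # virtual RNAs needed for host capacity alone
    nightly_batch: int          # hosts to scan in each window
    hours_per_night: tuple      # (best, worst) hours for one scan at a time
    simultaneous_scans: int     # scans to run in parallel to fit the window

def plan_scans(employees: int, window_hours: float, scan_nights: int) -> ScanPlan:
    """Size one full-network scan cycle.

    window_hours and scan_nights are the planner's own inputs (assumptions):
    the length of the off-hours window and how many nights of the cycle
    are used for scanning.
    """
    if employees <= 0 or window_hours <= 0 or scan_nights <= 0:
        raise ValueError("all inputs must be positive")
    hosts = math.ceil(employees * HOSTS_PER_EMPLOYEE)
    rnas = math.ceil(hosts / VIRTUAL_RNA_CAPACITY)
    # Spread the network across the available nights.
    batch = math.ceil(hosts / scan_nights)
    best, worst = batch / FAST_RATE, batch / SLOW_RATE
    # Assumption: throughput scales linearly with simultaneous scans.
    # Size against the slow rate so the scan finishes before the workday.
    parallel = max(1, math.ceil(batch / (SLOW_RATE * window_hours)))
    return ScanPlan(hosts, rnas, batch, (round(best, 1), round(worst, 1)), parallel)

if __name__ == "__main__":
    # Constructed inputs: 5-hour early-morning window, 20 scan nights per month.
    for staff in (2000, 10000):
        print(staff, plan_scans(staff, window_hours=5, scan_nights=20))
```

A result with more than one simultaneous scan is the case the list above flags as possibly requiring additional RNAs, independent of the host-capacity count.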

However your organization is structured, it is useful to at least consider how business groups can help you.

Allowlisting

Allowlisting Fortra source IP addresses on Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) devices is strongly recommended to provide an accurate measurement of your network security posture. While utilizing an IDS or IPS is desirable to detect and prevent attacks, it is not recommended to have these systems block traffic from Fortra while conducting penetration tests or vulnerability assessment scans.

The goal of the assessments is to identify as many vulnerabilities as possible in a time-saving manner so organizations can take remediation actions. The goal of these assessments is not to prove that IDS and IPS systems are working, or to spend additional time on IDS / IPS evasion techniques. If organizations do not allow traffic from Fortra, the IDS / IPS may block the scan from identifying additional vulnerabilities that may still be susceptible to attack.

Operational Functions

Interrupting A Scan

If you need to stop a currently executing scan, you may do so through the Fortra VM interface. This procedure will leave the scan in an interrupted state.

Shutting Down the RNA

  1. Shut down the RNA if it is being connected to new networks.
  2. Ensure through Fortra VM that no assessments are in process or scheduled during the shut-down period.
  3. Shutting down the RNA will stop any scans currently running. These scans will be outlined in red in the Fortra VM interface and will show a status of Errored.
  4. Assessments scheduled to occur while the RNA is offline will not run, and will show up in Fortra VM as Errored with a status detail message indicating that the RNA was offline at the time of the scan.