Configuring a Scheduled Vulnerability Scan
To run a vulnerability scan on the OfficeScan server
computer, navigate to <Server installation
folder>\PCCSRV\Admin\Utility\TMVS and double-click
TMVS.exe. The Trend Micro
Vulnerability Scanner console appears. To run vulnerability scan
on another endpoint running Windows Server 2003, Server 2008, Vista, 7, 8, 8.1,
10, or Server 2012/2016:
- On the OfficeScan server computer, go to <Server installation folder>\PCCSRV\Admin\Utility.
- Copy the TMVS folder to the other endpoint.
On the other endpoint, open the
TMVS folder and then double-click
The Trend Micro Vulnerability Scanner console appears.
You cannot launch the tool from Terminal Server.
- Go to the Scheduled Scan section.
The Scheduled Scan screen appears.
- Type a name for the scheduled vulnerability scan.
Type the IP address range of the endpoints you want to
Type an IPv4 address range.
Vulnerability Scanner can only query an IPv4 address range if it runs on a pure IPv4 or dual-stack host machine. Vulnerability Scanner only supports a class B IP address range, for example, 22.214.171.124 to 126.96.36.199.
For an IPv6 address range, type the IPv6 prefix
Vulnerability Scanner can only query an IPv6 address range if it runs on a pure IPv6 or dual-stack host machine.
- Type an IPv4 address range.
- Specify the start time for the Schedule using the 24-hour clock format and then select how often the scan will run. Choose from daily, weekly, or monthly.
Select which set of vulnerability scan settings to
Select Use current
settings if you have configured and want to use manual
vulnerability scan settings.
For details about manual vulnerability scan settings, see Running a Manual Vulnerability Scan.
If you did not specify manual vulnerability
scan settings or if you want to use another set of settings, select
Modify settings and then click
The Settings screen appears.
Configure the following settings:
Vulnerability Scan can "ping" the IP addresses specified in the previous step to check if they are currently in use. If a target host machine is using an IP address, Vulnerability Scanner can determine the host machine's operating system.
For details, see Ping Settings.
Method for retrieving computer descriptions
For host machines that respond to the "ping" command, Vulnerability Scanner can retrieve additional information about the host machines.
For details, see Method for Retrieving Endpoint Descriptions.
Vulnerability Scanner can check for the presence of security software on the target host machines.
For details, see Product Query.
OfficeScan server settings
Configure these settings if you want Vulnerability Scanner to automatically install OfficeScan agent to unprotected host machines. These settings identify the parent server and the administrative credentials used by the OfficeScan agent to log on to the host machines.
For details, see OfficeScan Server Settings.Note:
Certain conditions may prevent the installation of the OfficeScan agent to the target host machines.
Vulnerability Scanner can send the vulnerability scan results to OfficeScan administrators. It can also display notifications on unprotected host machines.
For details, see Notifications.
In addition to sending the vulnerability scan results to administrators, Vulnerability Scan can also save the results to a .csv file.
For details, see Vulnerability Scan Results.
- Select Use current settings if you have configured and want to use manual vulnerability scan settings.
The Scheduled Scan screen closes. The scheduled vulnerability scan you created appears under the Scheduled Scan section. If you enabled notifications, Vulnerability Scanner sends you the scheduled vulnerability scan results.
To execute the scheduled vulnerability scan
immediately, click Run Now.
The vulnerability scan results appear in the Results table under the Scheduled Scan tab.Note:
MAC address information does not display in the Results table if the endpoint runs Windows Server 2008 or Windows Server 2012.
- To save the results to a comma-separated value (CSV) file, click Export, locate the folder where you want to save the file, type the file name, and click Save.