Running a Manual Vulnerability Scan

  1. To run a vulnerability scan on the Apex One server computer, navigate to <Server installation folder>\PCCSRV\Admin\Utility\TMVS and double-click TMVS.exe. The Trend Micro Vulnerability Scanner console appears. To run vulnerability scan on another endpoint:
    1. On the Apex One server computer, go to <Server installation folder>\PCCSRV\Admin\Utility.
    2. Copy the TMVS folder to the other endpoint.
    3. On the other endpoint, open the TMVS folder and then double-click TMVS.exe.

      The Trend Micro Vulnerability Scanner console appears.

    Note:

    You cannot launch the tool from Terminal Server.

  2. Go to the Manual Scan section.
  3. Type the IP address range of the endpoints you want to check.
    1. Type an IPv4 address range.
      Note:

      Vulnerability Scanner can only query an IPv4 address range if it runs on a pure IPv4 or dual-stack host machine. Vulnerability Scanner only supports a class B IP address range, for example, 168.212.1.1 to 168.212.254.254.

    2. For an IPv6 address range, type the IPv6 prefix and length.
      Note:

      Vulnerability Scanner can only query an IPv6 address range if it runs on a pure IPv6 or dual-stack host machine.

  4. Click Settings.

    The Settings screen appears.

  5. Configure the following settings:
    Option Description

    Ping settings

    Vulnerability Scan can "ping" the IP addresses specified in the previous step to check if they are currently in use. If a target host machine is using an IP address, Vulnerability Scanner can determine the host machine's operating system.

    For details, see Ping Settings.

    Method for retrieving computer descriptions

    For host machines that respond to the "ping" command, Vulnerability Scanner can retrieve additional information about the host machines.

    For details, see Method for Retrieving Endpoint Descriptions.

    Product query

    Vulnerability Scanner can check for the presence of security software on the target host machines.

    For details, see Product Query.

    Apex One server settings

    Configure these settings if you want Vulnerability Scanner to automatically install Security Agent to unprotected host machines. These settings identify the parent server and the administrative credentials used by the Security Agent to log on to the host machines.

    For details, see Apex One Server Settings.

    Note:

    Certain conditions may prevent the installation of the Security Agent to the target host machines.

    For details, see Guidelines When Installing the Security Agent Using Vulnerability Scanner.

    Notifications

    Vulnerability Scanner can send the vulnerability scan results to Apex One administrators. It can also display notifications on unprotected host machines.

    For details, see Notifications.

    Save results

    In addition to sending the vulnerability scan results to administrators, Vulnerability Scan can also save the results to a .csv file.

    For details, see Vulnerability Scan Results.
  6. Click OK.
  7. Click Start.

    The vulnerability scan results appear in the Results table under the Manual Scan tab.

  8. To save the results to a comma-separated value (CSV) file, click Export, locate the folder where you want to save the file, type the file name, and click Save.
Parent topic: Vulnerability Scan Methods