Configure Scan Settings

Launch the Scan Configuration Utility using ConfigurationFDEC.exe in the installation directory under Bin\. The configuration utility executable is the same for both NAS and SharePoint environments.

Use the following options to configure the scan settings:

Scan configuration Description
Scan Name An arbitrary name for your scan.
Guardium Appliance The hostname or IP address of your Guardium Appliance.

In a NAS environment, scans can run concurrently, and each scan can be configured with a different appliance address.

Click Manage to enter a list of Guardium® appliances. You can test the connection on each appliance individually. In the event of a failover, the agent connects to the next appliance on list.

Local Host Address The IP address of the local host.
Scan Host

For NAS, this is the IP or hostname of NAS environment.

For SharePoint, Scan Host is auto-filled with localhost.

Scan Paths Here are some examples of scan paths:
  • For NAS: NameOfShareDrive
    Notes:
    • The NameOfShareDrive supports the share, zone, or drive name. However, you cannot specify the path.
    • To make scanning time of the whole NAS device more manageable, you can split it into smaller shares, and create a scan for each share.
  • For SharePoint: http://SharePointServer/my/test

    Click add or remove scan paths icon to select, add, or remove site collections to the scan. To create a farm-wide scan, do not specify a path.

Scan Every

The scan schedule can be configured in hours or days. By default, the frequency of the scan is every 12 hours.

Scans can also be scheduled to run at a specific time.

Run Now Use this option to run a scheduled scan immediately.

To activate the Run Now button, click play.

Directory Level

The number of levels that will be scanned in the directory structure. The default is 100
Scan Options
  • Containers Only: scans only directories, and will not trigger classification on the objects themselves.
  • All Objects: scans everything including files, directory tree, and will match criteria.
  • Matches Only: this scan only returns records that trigger criteria.
Scan Criteria This allows for upload of various criteria sets. You may select the specific criteria you wish to use for classifying files. As an example: GDPR sensitive data patterns can be selected from the GDPR.update file. For criteria that align with other compliance guidelines such as HIPAA, select patterndefs.update.

To create user-defined criteria, see Creating User-Defined Criteria.

Scan Service Account

The service account for each scan can be configured independently to reflect the environment being scanned.

After you save a scan, click play to activate the scan.

Click stop to stop a scan.

Click restart to restart a scan.

New Scan, Save Scan, and Delete Scan

Use these buttons to create, save, or delete a scan.

You must click the play button to activate a scan after it is saved.

Purge scan DB Purge your local database periodically for fresh scan results. You must also purge the local database in the event that a scan is interrupted.
Scan Status This displays the scan status including Started Last Scan, Finished Last Scan, Scanned Objects, New and Updated Objects, Deleted or Renamed Objects.
Note:
  • After you configure and save the scan, click play to activate the scan.
  • Scans can be scheduled to run concurrently. But if two scans target the same host, they will run consecutively.
  • The default maximum size for file classification is 2MB.

Notes on Upgrading:

It is not recommended to upgrade the scan configuration utility until the scan is finished. Upgrading or stopping the service may corrupt the scan results.

When you upgrade your scan utility, you must reenter the service account credentials. During the upgrade, all active scans will have new services created for them, and they will begin running according to their schedule. You must click the play button to enable all new, and inactive scans.