This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

continuous scan configuration

JeffFulford
New Contributor
New Contributor

‎2017-09-14 03:29 PM

In the Continuous Scan Configuration (Malware Analysis config)  what is the Source Host and Source Port config value.  Is the Host the SA or the conentrator? Can the port be any port or does it need to be 56003?

 

Any help would be much appreciated.

Jeff

0 Likes
3 REPLIES 3

MichaelSconzo
Employee
Employee

‎2017-09-14 03:39 PM

The documentation leaves a bit to be desired, but it should be the concentrator/broker. We also have a course that goes over configuration.

0 Likes

JeffFulford
New Contributor
New Contributor

‎2017-09-15 08:20 AM

Thanks Michael, as a follow up question, I am also unclear as to what Malware Analysis service I should be configuring for the continuous scan, the one on the dedicated  Malware Analysis appliance or the SA-Malware Analysis?

 

Thanks

Jeff

0 Likes

KEVINDIENST
Beginner
Beginner
In response to JeffFulford

‎2017-09-16 10:53 AM

If you have a dedicated Malware Analysis device, use that. The out of the box SA - Malware Analysis service running on the SA head is much smaller and limited malware analysis component. 

© 2022 RSA Security LLC or its affiliates. All rights reserved.