Hello, for security compliance we need to run vulnerability scans on our remote branch locations. We have MX hubs and about 400 branch locations with smaller MXs. We leverage AutoVPN for connectivity and have ADV Security licenses on everything. We also have vulnerability scanners in our data center behind the MX hubs that reach out over the AutoVPN to branch locations to perform vulnerability scans. Ever since migrating over to Meraki from a DMVPN solution, our Tenable vulnerability scans run forever (really, they never end). I worked with support a while ago to get the IP address of the Tenable vulnerability scanner whitelisted so the IPS engine on the MXs would not flag it, but we are still having issues where it never finishes. Is anyone else having a similar issue or a solution?
Yes, I have the exact same issue as you have described. Still searching for ways to tune this on both the Meraki and Scanner sides, so I am not babysitting scans that used to kick off according to schedule and complete before running out of the allotted time.
Also running into issues with IDS/IPS at times and false positives.
I have the same question. We're looking at enabling IDS/IPS on our AutoVPN spoke MXs, but that has the adverse effect of bricking the vulnerability scans against clients/devices behind the spokes. The only exceptions I thought I saw were for particular rules, rather than particular IPs.