NormShield solution's power doesn't solely rely on services such as Cyber Threat Intelligence, SOC Radar. NormShield also provides a top-notch vulnerability management system and NormShield on-premise version is a mainly vulnerability management system.
But this flexibility comes with a price. With most of the scanners and portal running on the same machine, event at different machines storage will be a problem after a while because of produces scan reports etc.
NormShield Hotpoint provides an options called "Oldest Artifact Days" in days shown below. Certain files under certain directories on the server the Hotpoint runs will be deleted according to this parameter.
So which directories and which files?
- C:\Ns\Uploads\*.* if this is a portal machine. This directory contains all the scanner artifacts uploaded to portal server
- C:\Program Files (x86)\NormShield\Agent\Output\*.xml This directory contains all the scanner artifacts that the agent produces
- C:\Program Files (x86)\NormShield\Agent\Binary\Log\*.log This directory contains all the log entries that the agent produces
What else? The value of "Oldest Artifact Days" also trigger NormShield to delete older scans in certain scanners such as Nessus.
If you have other local directories that you want to delete such as Netsparker's scans directory, then a little manual job is necessary. The general Hotpoint agent configuration file (C:\Program Files (x86)\NormShield\Agent\Configuration\Common.config) should be edited.
The key name to edit is "OTHER_ARTIFACT_DIRECTORIES". The value can be comma separated absolute directory paths, such as "C:\Users\nsagent\Documents\Netsparker\scans,C:\temp".