Help Center
Quick Start
- Overview
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
File Auditing
- About File Auditing
- Domain configuration
- File server configuration
- Failover cluster configuration
- NetApp server configuration
- Nutanix server configuration
- Workgroup configuration
Setting up File Audit
Dashboard
Reports
Alerts
Configuration
Storage Configuration
File Analysis
- About File Analysis
- Domain configuration
- File server configuration
- Workgroup configuration
- SMB File Server Configuration
- On-Demand Reports
Setting up File Analysis
Dashboard
Reports
Alerts
Configuration
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
Dashboard
Reports
Ownership analysis
Configuration
Endpoint DLP
- About Endpoint DLP
Setting up Endpoint DLP
Reports
Alerts
Prevention policies
Configuration
Cloud Protection
- About Cloud Protection
- Gateway Server Installation Steps
- Gateway Configuration in Endpoint
- Gateway Cluster Configuration
- Gateway Server Management
- Certificate Authority Configuration
- Two-way SSL configuration
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Regenerating gateway server access key
- Updating gateway server
- Gateway Server Failover
- Load Balancer Configuration
- Global Insight
- Application Insight
- User Insight
- Shadow Application Insight
- Banned Application Insight
- Cloud App Discovery
- File Upload & Download Reports
- Control Policy reports
- General Reports
- Application Insights
- Shadow Domain Insights
- Banned Domain Insights
Setting up Cloud Protection
Dashboard
Reports
Control Policies
Storage Configuration
Administrative settings
- Technician configuration
- Notification filters
- Manage agent
- Agent settings
- SIEM integration
- Business hours configuration
- Two-factor authentication
- Workgroup configuration
- Security policy
Email configuration
General settings
- Connection
- Personalize
- DataSecurity Plus Server
- Privacy Settings
- Disk utilization
- Schedule Retention Policy
Release notes
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
Troubleshooting
- HTTP communication failure
- Dormant DataEngine
- Secure Gateway server failure
- RPC communication failure
- Cloud Protection Gateway server failure
- Known issues and limitations
- Known errors and solutions
- Report discrepancy in File Analysis
Guides
- Agent document
- How to Migrate/Move DataSecurity Plus
- How to apply SSL certificate
- How to automate DataSecurity Plus database backup
- How to set alerts in DataSecurity Plus
- How to secure your DataSecurity Plus installation
Scheduling scans
Customers who installed DataSecurity Plus prior to build 6050 can only manually schedule data discovery scans. Find the steps to manually schedule a data discovery scan here.
All DataSecurity Plus builds from 6050 onwards will automatically schedule scans and let users track the scan progress.
Running data discovery scans in product installations of build 6050 and above
Once a data source is configured successfully in the Risk Analysis module, DataSecurity Plus will automatically schedule data discovery scans. The Risk Analysis module performs two types of scans:
- Full scans: These data discovery scans are automatically scheduled when data sources are first configured in DataSecurity Plus. The full scan will run only once unless manually initiated again. In such cases, users have the option of rescanning data sources or individual shares by following the steps in the Rescanning devices and shares section on this help page.
- Incremental scans: These scans look for sensitive data in newly created and modified files. Incremental scans run once a week and cannot be initiated manually.
Note: For builds prior to 6130, incremental scans for the configured devices run once in the first week of every month.
The time it takes to complete a data discovery scan depends on the resources allocated for the data discovery scan and the volume of data to be scanned.
- Data discovery by itself is a CPU-intensive task. Add the most critical business hours to timing exclusions to minimize the effects on productivity. Refer to the Exclude configuration help page for steps.
- The heap size is the ongoing process memory space that is allocated for all DataSecurity Plus functions. A heap memory of 1-2GB is sufficient for all DataSecurity Plus modules except Risk Analysis. For Risk Analysis, a heap memory of 4GB will be allocated because data discovery is a memory-intensive process.
Viewing the scan execution history and status
You can check the status of the data discovery scan for any configured device by following these steps:
- Select Risk Analysis from the applications drop-down.
- Go to Configuration > Data Sources and select On-prem Devices or SQL Servers depending on the target device's type.
- In the Scan History column, click View Details for the data source you want to analyze the scan history for. The complete scan history for that data source, including the following details, will be displayed:
- Start Time: The time when the scan began.
- End Time: The time when the scan completed.
- Scan Type: Indicates whether the scan executed was incremental or full.
- Scan Interruption Count: The number of times the scan was interrupted due to exclusion criteria.
- Count of Files Scanned: The total number of files scanned.
- Total Size Scanned: The combined size of all files scanned.
- Sensitive File Count: The number of sensitive files discovered during the scan.
- Sensitive File Size: The combined size of all sensitive files scanned.
- Skipped File Count: The number of files that were not scanned due to an unsupported file type or exceeding size limits.
- Skipped File Size: The combined size of all skipped files.
- Ignored File Count: The number of files excluded from an incremental scan because they were unchanged since the previous full scan.
- Ignored File Size: The combined size of all excluded files from the incremental scan.
Rescanning devices and shares
If you want to update your Risk Analysis records before scheduled scans, you can manually initiate a full scan of a device or a specific share on a device.
Rescanning a device
To rescan a configured device, follow these steps:
- Select Risk Analysis from the applications drop-down.
- Go to Configuration > Data Sources and select On-prem Devices or SQL Servers depending on the target device's type.
- On the Configured Devices or Configured SQL Servers page, you'll find a list of devices. Click the Rescan Device icon in the Actions column next to your target device to start scanning and click OK. Alternatively, you can click View History and select the Scan Now option on the pop-up to rescan your on-premises devices.
Note: For on-premises devices, you will be required to choose between Full scan and Incremental scan before rescanning a device.
Rescanning a file share
Granularly, you can also manually rescan individual shares. To do so, follow these steps:
- Log in to the DataSecurity Plus web console.
- Select Risk Analysis from the applications drop-down.
- Go to Configuration > Data Sources and select On-prem Devices or SQL Servers depending on the target device's type.
- On the Configured Devices or Configured SQL Servers page, click the Edit Configuration icon in the Actions column next to the target device. This will list the configured shares on that device.
- Select the shares you want to rescan and click the Rescan Share icon in the leftmost column.
- Click OK.
Note: Server scans will be paused when individual share scans start since they take priority. You can view the status of these scans by clicking View Status at the bottom of the Configured Devices page. In the pop-up that appears, you can see the current status of all active share scans and manually stop any scan if needed.
Stopping data discovery scans
To stop a data discovery scan running on a specific device, follow these steps:
- Select Risk Analysis from the applications drop-down.
- Go to Configuration > Data Sources and select On-prem Devices or SQL Servers depending on the target device's type. In the Last Scan Status column, click Running [More info] for the data source you want to view the scan status for.
- Click Stop Scanning in the Scan Status window.
The Scan Status window also provides information on the total number of entities processed, the number of rule-matched files, the total data size processed, and more.
Note: Once stopped, data discovery scans cannot be resumed. Users can choose to initiate a new data discovery scan by following the steps in the Rescanning devices and shares section on this help page.
Scheduling data discovery scans in product installations prior to build 6050
Follow the steps below to schedule data discovery scans:
- Select Risk Analysis from the modules drop-down.
- Go to Configuration > General Settings > Schedule.
- Click + Add Schedule in the top-right corner.
- Name the schedule and include an appropriate description.
- Select the policies you want to scan.
- Select the shares you want to scan.
- Check the Enable incremental file scan box.
- Select the Schedule Duration.
- Select the Starting Date.
- Specify the Exclusion Timing.
- Click Add.
- Click Save.
Best practice: Always check the Enable incremental file scan box unless it is a one-time scan. This reduces the running time by scanning only new and modified files.
Tip: Data discovery by itself is a CPU-intensive task. Add the most critical business hours to timing exclusions to minimize disruptions to productivity.