Some scans may trigger false alarms from your intrusion prevention or intrusion detection systems (IPS/IDS). This tends to be rare, but if it happens, we suggest configuring your IPS or IDS to ignore alerts originating from the IP addresses of the Main Console and any Subordinates.
Additionally, it is worth noting that OS-level scans performed by RiskAnalyzer also test connectivity from each host to certain other subnets to determine which services are accessible. These consist of simple port scans on ports that are already know to be open. The scans are performed on a tiny sampling of known-listening ports and are performed at a very slow rate to avoid triggering alarms or excessive network traffic. However, if your IPS/IDS system does generate alerts related to port scans during a DeepSurface scan, this could be the cause and you may need to tune your settings.