The suggested method for removing a single IP from the SecurityCenter Repository is to create a custom policy that uses at least 100 plugins ( the default of all plugins enabled is completely fine) and does not ping the host during the scan. (You will need to make sure that the host is not connected to the network when the scan runs and that no other scans will scan it or the data will not be removed. LCE and PVS data can also cause the IP to remain.)
To create a custom policy, select Scans, then Policies from the menu at the top of the screen. Click on the Add button in the top right corner to add a policy. Once the Policy Selection Screen loads, select Advanced Scan from the Custom section at the bottom of the page. The Add Policy > Advanced Scan page will load.
Disable Ping the remote host in the custom policy by selecting Host Discovery from the menu at left, and then clicking the button at right. The button should turn grey, as shown below.
Once you have disabled Ping the remote host, click Submit after scrolling to the bottom of the interface page.
Once the Policies page is visible, create a scan for this policy by selecting Scans, then Active Scans in the menu at top. Select the Add button in the top right corner to enter the Add Active Scan wizard. On the General page, give the scan a Name that you can identify easily and select the policy that you created in the previous section. You can see an example below.
Once you have named your scan and identified the policy, click on the Settings link to the right, which will open the Settings page. Select the Repository that contains the vulnerability data for the IP that you wish to remove as the Import Repository.
Once you have selected the repository, click on the button to the right of “Immediately remove vulnerabilities from scanned hosts that do not reply”
An option to set the number of days to wait before removing dead hosts will appear. Set this to 1. (You will need to make sure that the host is not connected to the network when the scan runs and that no other scans will scan it or the data will not be removed. LCE and PVS data can also cause the IP to remain.) An example of the setting is below.
After competing the tasks on the Settings page, click on the Targets link at left. The page will change and will allow you to select the targets for the scan. Change the Target Type Drop down menu to IP / DNS Name and insert the IP Address you want to remove in the field below. Below is an example, but you will have to substitute your target’s IP address for our placeholder.
Finally, Click on Submit, and then run the scan. The offline host will not respond, and the data should be removed by the following day.