Abstract: Constructing an effective scan monitoring system is a necessary step for early detection and warning of unknown threats. Scan monitoring systems built on routable unused IP addresses are more effective than those deployed in active networks, because they identify threats precisely, which results in a low false alarm rate. Systematic research on how to deploy such an effective monitoring system is still missing. This paper presents a novel scan monitoring model based on BGP route distribution to answer two practical deployment questions. One is how to design and deploy an ideal target-specified scan monitoring system, and the other is how to evaluate the detection effectiveness of actual, limited deployment resources. On the basis of the model, this paper puts forward a new concept, the deployment threshold, which describes the most economical matching value between the monitoring system's scale and the scanner's scanning width for the same detection probability demand. According to the model and the deployment threshold, an effective monitoring system can be designed and appropriate detection targets can be proposed that match the practical deployment resources, avoiding the blind deployment of the past. Simulation results are consistent with the theoretical analyses.