IBM Partner Pavilion
2.3
manual
Enterprise Scanner User Guide
187 pages
Contents
User Guide Version
Copyright statement
Trademarks and Disclaimer
Contents
Part 3. Maintenance
Part 4. Appendixes
About this book
Audience
Topics
Related publications
Technical support contacts
Part 1. Scanning from the Proventia Manager
Chapters
Section A Network configuration
Section B Policy configuration
Ad hoc scanning in the Proventia Manager
Procedure
Section A Network configuration
Configuring the management network interface
About this task
Maximum IPs per discovery subtask
Configuring the scanning network interface
Option Description Interface
Maximum assets per assessment subtask
Configuring scanning interface DNS settings
Option Description Perspective
Configuring routes for perspective
Assigning perspective to a scanning interface
Destination Network
Before you begin
Section B Policy configuration
Defining assets for a discovery scan
Option Metric Description
Click Clear Groupings
Displaying assessment checks by groups
If you want to Then Clear groupings
Create groupings interactively
Displaying information about assessment checks
Selecting assessment checks with filters
Discover and report UDP services
Click the Common Settings tab
Option Description Discover and report TCP services
Option Description Ports to scan with generic TCP checks
Option Description Dynamically determine OS if previously
Default
Option Description Ports to scan with generic UDP checks
Obtained information is older than
Access domain controllers to verify access
Option Description Verify account access level before using
Local group membership to verify access
Access level
Temporary lockout allowed Enterprise
Lockout Allowed is enabled. When
Option Description Allowed account lockout
Maximum Allowable Lockout Duration
Defining assessment credentials for a policy
Domain/Host
Option Description Account Type SSH Local
Account Type SSH Domain
Account Level
Defining the service names associated with TCP and UDP ports
Exclude assets
Defining ports or assets to exclude from a scan
If you want to Then Exclude ports
Excluded Hosts box
Scan policy Required
Interpreting scan results in the Proventia Manager
Running an ad hoc scan
Monitoring the status of a scan
Action Icon Description
Viewing the results of an ad hoc scan
Exporting scan results from Proventia Manager
Click View/Manage Log Files
Purging scan data from the database
Field Description
Part 2. Scanning from the SiteProtector Console
Enterprise Scanner policies
Policy inheritance with Enterprise Scanner policies
Inheritance indicators
Initially blank or unconfigured?
General inheritance behavior
Enterprise Scanner policies
About this task
Viewing asset or agent policies for Enterprise Scanner
Select Network Enterprise Scanner from the Agent Type list
Important Do not click Open
Agent policy descriptions for Enterprise Scanner
Contents of an agent policy
Agent policies for Enterprise Scanner
Policy inheritance with agent policies
Network Locations policy
Configuring routes for perspective
Assigning perspective to a scanning interface
Event notification settings for Enterprise Scanner
Notification policy
Click the Event Notification tab
Click the Advanced Parameters tab
Access policy
Configuring advanced parameters for event notification
Account Purpose
Configuring the management network interface
Networking policy
Configuring the scanning network interface
Configuring scanning interface DNS settings
Services policy
If you want to Then Change the date and time for the agent
Enable the network time protocol NTP
Time policy
Network Time Protocol section
Update Settings policy
Asset policies for Enterprise Scanner
Asset policy descriptions for Enterprise Scanner
Policy contents
Discovery policy
Scope
Defining assets to discover
Before you begin
Assessment policy
Displaying information about assessment checks
Displaying assessment checks by groups
Selecting assessment checks with filters
Configuring common assessment settings
Option Description Dynamically determine OS if SiteProtector
Information is older than
Try to confirm the access level
Option Description Allowed account lockout
Assessment Credentials policy
Defining assessment credentials for a policy
Option Description Account Type Windows
Scan Control policy
Cycle duration
Option Description Job name
Cycle start date
Current cycle start date
Scan Window policy
Important consideration for multiple agents
Defining when scanning is allowed
Scan Exclusion policy
Defining ports or assets to exclude from a scan
Service definition
Network Services policy
Default settings
Policy inheritance
Configuring a Network Services policy
Configuration options
Ad Hoc Scan Control policy
Running an ad hoc discovery scan with Enterprise Scanner
Running an ad hoc assessment scan with Enterprise Scanner
Click the Debug Settings tab
Click Generate Support Data File
Understanding scanning processes in SiteProtector
What is perspective?
Placing agents in the correct perspective
Policy How to use Applies to
Defining perspectives
Perspectives in policies
Network locations and perspectives
Assets with unassigned criticality
Scan jobs and related terms
Definitions
Term Description
Importance of tasks and subtasks
Types of tasks
Scheduled and running scans
Common management tasks
Criticality and assessment tasks
Priorities for running tasks
Tasks per type of scan
Scan type Number of tasks
Dynamic prioritization
Stages of a scanning process
Task prioritization
Type of scan Reason for prioritization
Process for a scanning cycle
Stage Description
Discovery cycle duration
Size of scan windows
Calibration considerations
Assessment cycle duration
Achieving the right balance
Background scanning in SiteProtector
Determining when background scans run
Changing assessment and discovery policies
How policies apply to ad hoc and background scans
Asset policies and ad hoc scans
Type of scan Description
Scan Control policy
Scan window and refresh cycle examples
Background scanning checklists for Enterprise Scanner
Checklist for background discovery scanning
Checklist for background assessment scanning
Enabling background scanning
Defining when scanning is allowed
Option Description Next cycle start date
Procedure
Type a series of individual IP addresses, a
Defining network services
Defining assessment credentials for a policy
Option Description Account Type SSH Local
Monitoring scans in SiteProtector
Viewing your scan jobs
Viewing discovery job results
This part of the description Describes Finished Assessment
Viewing assessment job results
Assessment subtask explanation
On ScanGroupName for hosts with
Managing scans in SiteProtector
Impact of stopping scan jobs
Command Impact
Stopping and restarting scan jobs
Impact of restarting scan jobs
Suspending and enabling all background scans
Steps to initiate a scan
Registration and authentication
Minimum scanning requirements
Type of scan Steps to initiate
Inheritance
Troubleshooting scanning behaviors for ad hoc scans
Scanning behaviors for ad hoc scans
Priority
Expected scanning behaviors for background scans
Managing scans in SiteProtector
Interpreting scan results in SiteProtector
Sources of OSID
OS identification OSID certainty
What determines certainty?
Certainty of OSID sources
Exception
How OSID is updated in Enterprise Scanner
Conditions for reassessing OSID
Rules for updating OSID
Vulnerability management options
Setting up a Summary view for vulnerability management
Summary page for vulnerability management
Portal Description
Portal Description
Creating custom views
Viewing vulnerabilities by asset in Enterprise Scanner
About vulnerability assessment
Benefits
Field descriptions
Field Description
Viewing vulnerabilities by detail in Enterprise Scanner
Field Description
Viewing vulnerabilities by object in Enterprise Scanner
Field
Vulnerability view by vulnerability name
Field Description
Report descriptions
Running reports in the SiteProtector Console
Types of assessment reports
Report Description
Report Description
Procedure
Logs and alerts
Two types of information
Log files and alert notification
Two types of log files
Log size
System logs
System log descriptions
Log descriptions
Getting log status information
Enterprise Scanner ES logs
Statistic Description
Changing logging detail
Delete a log file Click View/Manage Log Files
Downloading Enterprise Scanner ES log files
Download
Delete
Event information icons
Alerts log
Risk level icons
Icon Description
Downloading and saving an Alerts log
Click Generate new log file from Alerts
File Description
Clearing the Alerts log
Finding specific events in the Alerts log
Click Clear current Alerts from event log
If you want to Then Search the Alert log file by Alert ID
Number
Search by Alert ID# box
Ticketing and remediation
Vulnerability auto ticketing
Ticketing and Enterprise Scanner
Tickets
Custom categories
Remediation process overview for Enterprise Scanner
Scanning recommendations
Remediation tasks for Enterprise Scanner
Task overview
Option Tab Description
Task 6 Close the ticket
Part 3. Maintenance
Performing routine maintenance
Shutting down your Enterprise Scanner
Removing an agent from SiteProtector
Date of last system backup
Types of backups
If you restore a system before you make backups
Options for backing up Enterprise Scanner
Backing up configuration settings
Making full system backups
Click the Full Backup tab Choose an option
Updating Enterprise Scanner
Type of update Content
Types of updates
Update locations
Update location Description
Rollbacks and backups
Update options
Installation options with scheduled updates
Updating options
Configuring explicit-trust authentication with an XPU server
Authentication method Advantages and Disadvantages
Option Description Host or IP
Configuring an Alternate Update location
Select the Use Alternate Update Server check box
Name
Option Description Trust Level
CA Certificate
Configuring an HTTP Proxy
Configuring notification options for XPUs
Select Enable Proxy
Click the Update Settings tab
Scheduling a one-time firmware update
Configuring automatic updates
Option Description Check for updates daily or weekly
Automatically Install Updates
Option Description Check for updates at given intervals
Option Description Do Not Install
Delayed
Manually installing updates
Viewing the status of the Enterprise Scanner agent
Network interface status
Proventia Manager Home
System status
Model
Updates status
Protection status
Header
Viewing agent status in the SiteProtector Console
Viewing agent status
Troubleshooting the Enterprise Scanner sensor
Module or process Description Troubleshooting option
Viewing the status of the CAM modules
Module or process Description Troubleshooting option
Part 4. Appendixes
Product handling information
Product safety labels
World trade safety information
Laser safety information
Laser compliance
Product recycling and disposal
Battery return program
For Taiwan
For the European Union
Electronic emissions notices
For California
Federal Communications Commission FCC Statement
Canadian Department of Communications Compliance Statement
European Union EU Electromagnetic Compatibility Directive
EC Declaration of Conformity In German
People’s Republic of China Class A Compliance Statement
Japan Class A Compliance Statement
Korean Class A Compliance Statement
Index
Reassessing 105 Rules Sources
Scan job