Manuals / IBM Partner Pavilion / Computer Equipment / Network Router

IBM Partner Pavilion 2.3 manual Vulnerability view by vulnerability name

Models: 2.3

1 187

Download 187 pages 31.13 Kb

Page 123

Table 29. Vulnerability view by target operating system (continued)

Field	Description

Status	Use the Status filter differently for events
	and vulnerabilities.
	v Events: The Status column indicates the
	impact of the event.
	v Vulnerabilities: The Status column
	indicates whether the vulnerability was
	found.

Event Count	Use this filter to determine which events
	occur most frequently.

Target Count	Use to filter by the count of target hosts.

Latest Event	Use to filter events according to the Latest
	Event column in the analysis views.
	SiteProtector calculates the time and date for
	the latest event on each row of data in an
	analysis view. This filter filters data only in
	views that contain the Latest Event column.
	For example, if you apply this filter to the
	Event Name view, SiteProtector can apply
	the criteria you specified to each Tag name
	(or row) that appears in the view.

Viewing vulnerabilities by vulnerability name in Enterprise Scanner

Use this view to examine high-level information about the types of vulnerabilities detected on your network.

Benefits

You can sort your view by most severe vulnerabilities to identify the most to least important vulnerabilities on your network or by priority of fix.

Field descriptions

The following table describes the fields and descriptions for this vulnerability view:

Table 30. Vulnerability view by vulnerability name

Field	Description

Tag Name	Use this filter to display or suppress events
	that match one or more tag names. You can
	filter on tag names from the Site database or
	on user-defined tag names.

Severity	Use this filter to display events according to
	their level of severity.

CVSS Score	Use this filter to establish a measure of how
	much concern a vulnerability warrants,
	compared to other vulnerabilities, so that
	efforts to remedy the vulnerability can be
	prioritized.

Chapter 8. Interpreting scan results in SiteProtector 115

Image 123

IBM Partner Pavilion 2.3 manual Vulnerability view by vulnerability name

Contents

User Guide Version Copyright statement Trademarks and Disclaimer Iv Enterprise Scanner User Guide Contents Part 4. Appendixes 163 Part 3. MaintenanceAbout this book AudienceTopics Technical support contacts Related publicationsChapters Part 1. Scanning from the Proventia ManagerEnterprise Scanner User Guide Section a Network configuration Section B Policy configurationAd hoc scanning in the Proventia Manager About this task Section a Network configurationConfiguring the management network interface ProcedureMaximum assets per assessment subtask Configuring the scanning network interfaceOption Description Interface Maximum IPs per discovery subtaskConfiguring scanning interface DNS settings Destination Network Configuring routes for perspectiveAssigning perspective to a scanning interface Option Description PerspectiveOption Metric Description Section B Policy configurationDefining assets for a discovery scan Before you beginCreate groupings interactively Displaying assessment checks by groupsIf you want to Then Clear groupings Click Clear GroupingsDisplaying information about assessment checks Selecting assessment checks with filters Option Description Ports to scan with generic TCP checks Click the Common Settings tabOption Description Discover and report TCP services Discover and report UDP servicesObtained information is older than DefaultOption Description Ports to scan with generic UDP checks Option Description Dynamically determine OS if previouslyAccess level Option Description Verify account access level before usingLocal group membership to verify access Access domain controllers to verify accessMaximum Allowable Lockout Duration Lockout Allowed is enabled. WhenOption Description Allowed account lockout Temporary lockout allowed EnterpriseDefining assessment credentials for a policy Account Level Option Description Account Type SSH LocalAccount Type SSH Domain Domain/HostDefining the service names associated with TCP and UDP ports Excluded Hosts box Defining ports or assets to exclude from a scanIf you want to Then Exclude ports Exclude assetsScan policy Required Interpreting scan results in the Proventia Manager Running an ad hoc scan Action Icon Description Monitoring the status of a scanViewing the results of an ad hoc scan Exporting scan results from Proventia ManagerClick View/Manage Log Files Field Description Purging scan data from the databaseEnterprise Scanner User Guide Part 2. Scanning from the SiteProtector Console Enterprise Scanner User Guide Enterprise Scanner policies General inheritance behavior Inheritance indicatorsInitially blank or unconfigured? Policy inheritance with Enterprise Scanner policiesEnterprise Scanner policies About this task Select Network Enterprise Scanner from the Agent Type list Viewing asset or agent policies for Enterprise ScannerImportant Do not click Open Policy inheritance with agent policies Contents of an agent policyAgent policies for Enterprise Scanner Agent policy descriptions for Enterprise ScannerNetwork Locations policy Assigning perspective to a scanning interface Configuring routes for perspectiveEvent notification settings for Enterprise Scanner Notification policyClick the Event Notification tab Account Purpose Access policyConfiguring advanced parameters for event notification Click the Advanced Parameters tabNetworking policy Configuring the management network interfaceConfiguring the scanning network interface Configuring scanning interface DNS settings Services policy Network Time Protocol section Enable the network time protocol NTPTime policy If you want to Then Change the date and time for the agentUpdate Settings policy Asset policies for Enterprise ScannerAsset policy descriptions for Enterprise Scanner Policy contents Discovery policyScope Before you begin Defining assets to discoverDisplaying information about assessment checks Assessment policyDisplaying assessment checks by groups Selecting assessment checks with filters Configuring common assessment settings Information is older than Option Description Dynamically determine OS if SiteProtectorTry to confirm the access level Option Description Allowed account lockout Defining assessment credentials for a policy Assessment Credentials policyOption Description Account Type Windows Scan Control policy Current cycle start date Option Description Job nameCycle start date Cycle durationImportant consideration for multiple agents Scan Window policyDefining when scanning is allowed Defining ports or assets to exclude from a scan Scan Exclusion policyPolicy inheritance Network Services policyDefault settings Service definitionConfiguring a Network Services policy Configuration options Ad Hoc Scan Control policyRunning an ad hoc discovery scan with Enterprise Scanner Running an ad hoc assessment scan with Enterprise Scanner Click Generate Support Data File Click the Debug Settings tabUnderstanding scanning processes in SiteProtector What is perspective? Perspectives in policies Policy How to use Applies toDefining perspectives Placing agents in the correct perspectiveNetwork locations and perspectives Term Description Scan jobs and related termsDefinitions Assets with unassigned criticalityCommon management tasks Types of tasksScheduled and running scans Importance of tasks and subtasksScan type Number of tasks Priorities for running tasksTasks per type of scan Criticality and assessment tasksType of scan Reason for prioritization Stages of a scanning processTask prioritization Dynamic prioritizationStage Description Process for a scanning cycleAssessment cycle duration Size of scan windowsCalibration considerations Discovery cycle durationAchieving the right balance Enterprise Scanner User Guide Background scanning in SiteProtector Determining when background scans run Type of scan Description How policies apply to ad hoc and background scansAsset policies and ad hoc scans Changing assessment and discovery policiesScan window and refresh cycle examples Scan Control policyBackground scanning checklists for Enterprise Scanner Checklist for background discovery scanningChecklist for background assessment scanning Enabling background scanning Option Description Next cycle start date Defining when scanning is allowedProcedure Type a series of individual IP addresses, a Defining network services Defining assessment credentials for a policy Option Description Account Type SSH Local Monitoring scans in SiteProtector Viewing discovery job results Viewing your scan jobsOn ScanGroupName for hosts with Viewing assessment job resultsAssessment subtask explanation This part of the description Describes Finished AssessmentEnterprise Scanner User Guide Managing scans in SiteProtector Impact of restarting scan jobs Command ImpactStopping and restarting scan jobs Impact of stopping scan jobsSuspending and enabling all background scans Type of scan Steps to initiate Registration and authenticationMinimum scanning requirements Steps to initiate a scanPriority Troubleshooting scanning behaviors for ad hoc scansScanning behaviors for ad hoc scans InheritanceExpected scanning behaviors for background scans Managing scans in SiteProtector Enterprise Scanner User Guide Interpreting scan results in SiteProtector Certainty of Osid sources OS identification Osid certaintyWhat determines certainty? Sources of OsidRules for updating Osid How Osid is updated in Enterprise ScannerConditions for reassessing Osid ExceptionPortal Description Setting up a Summary view for vulnerability managementSummary page for vulnerability management Vulnerability management optionsPortal Description Benefits Viewing vulnerabilities by asset in Enterprise ScannerAbout vulnerability assessment Creating custom viewsField descriptions Field Description Viewing vulnerabilities by detail in Enterprise Scanner Field Description Viewing vulnerabilities by object in Enterprise Scanner Field Vulnerability view by vulnerability name Field Description Report Description Running reports in the SiteProtector ConsoleTypes of assessment reports Report descriptionsReport Description Procedure Enterprise Scanner User Guide Logs and alerts Log size Log files and alert notificationTwo types of log files Two types of informationSystem log descriptions System logsStatistic Description Getting log status informationEnterprise Scanner ES logs Log descriptionsChanging logging detail Delete Downloading Enterprise Scanner ES log filesDownload Delete a log file Click View/Manage Log FilesIcon Description Alerts logRisk level icons Event information iconsDownloading and saving an Alerts log Click Generate new log file from AlertsFile Description Clearing the Alerts log Finding specific events in the Alerts logClick Clear current Alerts from event log Enterprise Scanner User Guide If you want to Then Search the Alert log file by Alert ID NumberSearch by Alert Id# box Enterprise Scanner User Guide Ticketing and remediation Custom categories Ticketing and Enterprise ScannerTickets Vulnerability auto ticketingScanning recommendations Remediation process overview for Enterprise ScannerTask overview Remediation tasks for Enterprise ScannerOption Tab Description Task 6 Close the ticket Part 3. Maintenance Enterprise Scanner User Guide Performing routine maintenance Shutting down your Enterprise Scanner Removing an agent from SiteProtector Options for backing up Enterprise Scanner Types of backupsIf you restore a system before you make backups Date of last system backupBacking up configuration settings Click the Full Backup tab Choose an option Making full system backupsUpdating Enterprise Scanner Update location Description Types of updatesUpdate locations Type of update ContentUpdating options Update optionsInstallation options with scheduled updates Rollbacks and backupsAuthentication method Advantages and Disadvantages Configuring explicit-trust authentication with an XPU serverName Configuring an Alternate Update locationSelect the Use Alternate Update Server check box Option Description Host or IPCA Certificate Option Description Trust LevelConfiguring an Http Proxy Configuring notification options for XPUsSelect Enable Proxy Option Description Check for updates daily or weekly Scheduling a one-time firmware updateConfiguring automatic updates Click the Update Settings tabDelayed Option Description Check for updates at given intervalsOption Description Do Not Install Automatically Install UpdatesManually installing updates Viewing the status of the Enterprise Scanner agent Model Proventia Manager HomeSystem status Network interface statusUpdates status Protection statusHeader Viewing agent status Viewing agent status in the SiteProtector ConsoleTroubleshooting the Enterprise Scanner sensor Module or process Description Troubleshooting optionViewing the status of the CAM modules Module or process Description Troubleshooting option Part 4. Appendixes Enterprise Scanner User Guide 165 Enterprise Scanner User Guide Product handling information World trade safety information Product safety labelsLaser safety information Laser complianceProduct recycling and disposal Battery return program For the European Union For TaiwanElectronic emissions notices For CaliforniaFederal Communications Commission FCC Statement Canadian Department of Communications Compliance Statement European Union EU Electromagnetic Compatibility DirectiveEC Declaration of Conformity In German Japan Class a Compliance Statement People’s Republic of China Class a Compliance StatementKorean Class a Compliance Statement Enterprise Scanner User Guide 177 IndexReassessing 105 Rules Sources Scan job