IBM Partner Pavilion
2.3
manual
Enterprise Scanner User Guide
187 pages
Contents
User Guide Version
Copyright statement
Trademarks and Disclaimer
Part 3. Maintenance
Part 4. Appendixes
Topics
About this book
Audience
Related publications
Technical support contacts
Part 1. Scanning from the Proventia Manager
Chapters
Ad hoc scanning in the Proventia Manager
Section A Network configuration
Section B Policy configuration
Section A Network configuration
Configuring the management network interface
Procedure
About this task
Configuring the scanning network interface
Option Description Interface
Maximum IPs per discovery subtask
Maximum assets per assessment subtask
Configuring scanning interface DNS settings
Configuring routes for perspective
Assigning perspective to a scanning interface
Option Description Perspective
Destination Network
Section B Policy configuration
Defining assets for a discovery scan
Before you begin
Option Metric Description
Displaying assessment checks by groups
If you want to Then Clear groupings
Click Clear Groupings
Create groupings interactively
Displaying information about assessment checks
Selecting assessment checks with filters
Click the Common Settings tab
Option Description Discover and report TCP services
Discover and report UDP services
Option Description Ports to scan with generic TCP checks
Default
Option Description Ports to scan with generic UDP checks
Option Description Dynamically determine OS if previously
Obtained information is older than
Option Description Verify account access level before using
Local group membership to verify access
Access domain controllers to verify access
Access level
Lockout Allowed is enabled. When
Option Description Allowed account lockout
Temporary lockout allowed Enterprise
Maximum Allowable Lockout Duration
Defining assessment credentials for a policy
Option Description Account Type SSH Local
Account Type SSH Domain
Domain/Host
Account Level
Defining the service names associated with TCP and UDP ports
Defining ports or assets to exclude from a scan
If you want to Then Exclude ports
Exclude assets
Excluded Hosts box
Scan policy Required
Interpreting scan results in the Proventia Manager
Running an ad hoc scan
Monitoring the status of a scan
Action Icon Description
Click View/Manage Log Files
Viewing the results of an ad hoc scan
Exporting scan results from Proventia Manager
Purging scan data from the database
Field Description
Part 2. Scanning from the SiteProtector Console
Enterprise Scanner policies
Inheritance indicators
Initially blank or unconfigured?
Policy inheritance with Enterprise Scanner policies
General inheritance behavior
Enterprise Scanner policies
About this task
Viewing asset or agent policies for Enterprise Scanner
Select Network Enterprise Scanner from the Agent Type list
Important Do not click Open
Contents of an agent policy
Agent policies for Enterprise Scanner
Agent policy descriptions for Enterprise Scanner
Policy inheritance with agent policies
Network Locations policy
Configuring routes for perspective
Assigning perspective to a scanning interface
Click the Event Notification tab
Event notification settings for Enterprise Scanner
Notification policy
Access policy
Configuring advanced parameters for event notification
Click the Advanced Parameters tab
Account Purpose
Configuring the management network interface
Networking policy
Configuring the scanning network interface
Configuring scanning interface DNS settings
Services policy
Enable the network time protocol (NTP)
Time policy
If you want to Then Change the date and time for the agent
Network Time Protocol section
Asset policy descriptions for Enterprise Scanner
Update Settings policy
Asset policies for Enterprise Scanner
Scope
Policy contents
Discovery policy
Defining assets to discover
Before you begin
Assessment policy
Displaying information about assessment checks
Displaying assessment checks by groups
Selecting assessment checks with filters
Configuring common assessment settings
Option Description Dynamically determine OS if SiteProtector
Information is older than
Try to confirm the access level
Option Description Allowed account lockout
Assessment Credentials policy
Defining assessment credentials for a policy
Option Description Account Type Windows
Scan Control policy
Option Description Job name
Cycle start date
Cycle duration
Current cycle start date
Scan Window policy
Important consideration for multiple agents
Defining when scanning is allowed
Scan Exclusion policy
Defining ports or assets to exclude from a scan
Network Services policy
Default settings
Service definition
Policy inheritance
Configuring a Network Services policy
Running an ad hoc discovery scan with Enterprise Scanner
Configuration options
Ad Hoc Scan Control policy
Running an ad hoc assessment scan with Enterprise Scanner
Click the Debug Settings tab
Click Generate Support Data File
Understanding scanning processes in SiteProtector
What is perspective?
Policy How to use Applies to
Defining perspectives
Placing agents in the correct perspective
Perspectives in policies
Network locations and perspectives
Scan jobs and related terms
Definitions
Assets with unassigned criticality
Term Description
Types of tasks
Scheduled and running scans
Importance of tasks and subtasks
Common management tasks
Priorities for running tasks
Tasks per type of scan
Criticality and assessment tasks
Scan type Number of tasks
Stages of a scanning process
Task prioritization
Dynamic prioritization
Type of scan Reason for prioritization
Process for a scanning cycle
Stage Description
Size of scan windows
Calibration considerations
Discovery cycle duration
Assessment cycle duration
Achieving the right balance
Background scanning in SiteProtector
Determining when background scans run
How policies apply to ad hoc and background scans
Asset policies and ad hoc scans
Changing assessment and discovery policies
Type of scan Description
Scan Control policy
Scan window and refresh cycle examples
Checklist for background assessment scanning
Background scanning checklists for Enterprise Scanner
Checklist for background discovery scanning
Enabling background scanning
Defining when scanning is allowed
Option Description Next cycle start date
Procedure
Type a series of individual IP addresses, a
Defining network services
Defining assessment credentials for a policy
Option Description Account Type SSH Local
Monitoring scans in SiteProtector
Viewing your scan jobs
Viewing discovery job results
Viewing assessment job results
Assessment subtask explanation
This part of the description Describes Finished Assessment
On ScanGroupName for hosts with
Managing scans in SiteProtector
Command Impact
Stopping and restarting scan jobs
Impact of stopping scan jobs
Impact of restarting scan jobs
Suspending and enabling all background scans
Registration and authentication
Minimum scanning requirements
Steps to initiate a scan
Type of scan Steps to initiate
Troubleshooting scanning behaviors for ad hoc scans
Scanning behaviors for ad hoc scans
Inheritance
Priority
Expected scanning behaviors for background scans
Managing scans in SiteProtector
Interpreting scan results in SiteProtector
OS identification (OSID) certainty
What determines certainty?
Sources of OSID
Certainty of OSID sources
How OSID is updated in Enterprise Scanner
Conditions for reassessing OSID
Exception
Rules for updating OSID
Setting up a Summary view for vulnerability management
Summary page for vulnerability management
Vulnerability management options
Portal Description
Portal Description
Viewing vulnerabilities by asset in Enterprise Scanner
About vulnerability assessment
Creating custom views
Benefits
Field descriptions
Field Description
Viewing vulnerabilities by detail in Enterprise Scanner
Field Description
Viewing vulnerabilities by object in Enterprise Scanner
Field
Vulnerability view by vulnerability name
Field Description
Running reports in the SiteProtector Console
Types of assessment reports
Report descriptions
Report Description
Report Description
Procedure
Logs and alerts
Log files and alert notification
Two types of log files
Two types of information
Log size
System logs
System log descriptions
Getting log status information
Enterprise Scanner (ES) logs
Log descriptions
Statistic Description
Changing logging detail
Downloading Enterprise Scanner (ES) log files
Download
Delete a log file Click View/Manage Log Files
Delete
Alerts log
Risk level icons
Event information icons
Icon Description
File Description
Downloading and saving an Alerts log
Click Generate new log file from Alerts
Click Clear current Alerts from event log
Clearing the Alerts log
Finding specific events in the Alerts log
Search by Alert Id# box
If you want to Then Search the Alert log file by Alert ID
Number
Ticketing and remediation
Ticketing and Enterprise Scanner
Tickets
Vulnerability auto ticketing
Custom categories
Remediation process overview for Enterprise Scanner
Scanning recommendations
Remediation tasks for Enterprise Scanner
Task overview
Option Tab Description
Task 6 Close the ticket
Part 3. Maintenance
Performing routine maintenance
Shutting down your Enterprise Scanner
Removing an agent from SiteProtector
Types of backups
If you restore a system before you make backups
Date of last system backup
Options for backing up Enterprise Scanner
Backing up configuration settings
Making full system backups
Click the Full Backup tab Choose an option
Updating Enterprise Scanner
Types of updates
Update locations
Type of update Content
Update location Description
Update options
Installation options with scheduled updates
Rollbacks and backups
Updating options
Configuring explicit-trust authentication with an XPU server
Authentication method Advantages and Disadvantages
Configuring an Alternate Update location
Select the Use Alternate Update Server check box
Option Description Host or IP
Name
Option Description Trust Level
CA Certificate
Select Enable Proxy
Configuring an HTTP Proxy
Configuring notification options for XPUs
Scheduling a one-time firmware update
Configuring automatic updates
Click the Update Settings tab
Option Description Check for updates daily or weekly
Option Description Check for updates at given intervals
Option Description Do Not Install
Automatically Install Updates
Delayed
Manually installing updates
Viewing the status of the Enterprise Scanner agent
Proventia Manager Home
System status
Network interface status
Model
Header
Updates status
Protection status
Viewing agent status in the SiteProtector Console
Viewing agent status
Viewing the status of the CAM modules
Troubleshooting the Enterprise Scanner sensor
Module or process Description Troubleshooting option
Module or process Description Troubleshooting option
Part 4. Appendixes
Product handling information
Product safety labels
World trade safety information
Product recycling and disposal
Laser safety information
Laser compliance
Battery return program
For Taiwan
For the European Union
Federal Communications Commission (FCC) Statement
Electronic emissions notices
For California
EC Declaration of Conformity In German
Canadian Department of Communications Compliance Statement
European Union (EU) Electromagnetic Compatibility Directive
People’s Republic of China Class A Compliance Statement
Japan Class A Compliance Statement
Korean Class A Compliance Statement
Index
Reassessing 105 Rules Sources
Scan job