Ticketing and Enterprise Scanner

SiteProtector works with Enterprise Scanner to streamline your event tracking and remediation processes. This topic explains how to use information from Enterprise Scanner with the ticketing feature in SiteProtector to manage tracking and remediation.

When remediation is necessary, such as patching a vulnerability, you can create a ticket directly from the SiteProtector Console. You can then assign the ticket to another SiteProtector user and track the status of the ticket from creation to resolution.

Tickets

A ticket is a work request created in response to a situation that requires further investigation. Here are some examples of tickets:

vPatching a range of assets against vulnerabilities

vInvestigating a new asset that recently appeared on the network, and dealing with it as appropriate

vLocating an asset that is running an unapproved operating system, and updating it or removing it from the network

You can use right-click menus to create tickets directly from the information displayed in the Asset, Agent, and Analysis views.

Vulnerability auto ticketing

Use the vulnerability auto ticketing feature to create auto ticketing rules that apply to vulnerable events in a group. When a vulnerable event matches an auto ticketing rule, SiteProtector automatically generates a new ticket.

Note: Only users with global ticketing permissions can create and modify auto ticketing rules.

To group the assets, select the Group By Asset check box in the Vulnerability Auto Ticketing pane in the Properties tab. You can modify the number of vulnerabilities per ticket in the Auto Ticketing tab in the Ticketing Setup window.

Auto ticketing rule inheritance occurs when a subgroup inherits the auto ticketing rules from a group of assets in the next higher group in your Site structure (if the subgroup does not have any auto ticketing rules).

Reference: See the IBM SiteProtector Help for detailed information and procedures on auto-ticketing.

Custom categories

You can use the Custom Category tab to add new custom categories with up to five user-specified fields.

SiteProtector ticketing or third party

You can use the SiteProtector ticketing tool or configure SiteProtector to export tickets into another action request (AR) system, such as Remedy Help Desk or Remedy Change Management. After you have integrated the remedy solution with SiteProtector, SiteProtector shares new ticket information to the remedy application.

134Enterprise Scanner: User Guide

Page 141 Page 143
Page 142
Image 142
IBM Partner Pavilion 2.3 manual Ticketing and Enterprise Scanner, Tickets, Vulnerability auto ticketing, Custom categories
Page 141 Page 143
Top Page Image Contents