
Contents
Trademarks and Disclaimer . . . . . . iii
About this book . . . . . . . . . . . vii
Related publications . . . . . . . . . . . viii Technical support contacts . . . . . . . . . viii
Part 1. Scanning from the Proventia Manager . . . . . . . . . . . . . . 1
Chapter 1. Ad hoc scanning in the Proventia Manager . . . . . . . . . . 3
Section A: Network configuration | . | 4 |
Configuring the management network interface | . 4 | |
Configuring the scanning network interface . . . 5 | ||
Configuring scanning interface DNS settings . | . 6 | |
Assigning perspective to a scanning interface . | . 7 | |
Configuring routes for perspective | . | 7 |
Section B: Policy configuration | . | 8 |
Defining assets for a discovery scan . . . . | . | 8 |
Displaying assessment checks by groups . . . . 9 | ||
Displaying information about assessment checks |
| 10 |
Selecting assessment checks with filters . . . | . | 11 |
Configuring common assessment settings for an |
|
|
Assessment policy | . | 12 |
Defining assessment credentials for a policy . | . 16 | |
Defining the service names associated with TCP |
|
|
and UDP ports | . | 18 |
Defining ports or assets to exclude from a scan |
| 19 |
Configuring and saving a scan policy in the |
|
|
Proventia Manager | . | 20 |
Agent policies for Enterprise Scanner | . | 35 |
Agent policy descriptions for Enterprise Scanner |
| 35 |
Network Locations policy | . | 36 |
Notification policy | . | 38 |
Access policy | . | 39 |
Networking policy | . | 40 |
Services policy | . | 43 |
Time policy | . | 44 |
Update Settings policy | . | 45 |
Asset policies for Enterprise Scanner | . | 45 |
Asset policy descriptions for Enterprise Scanner |
| 45 |
Discovery policy | . | 46 |
Assessment policy | . | 48 |
Assessment Credentials policy | . | 55 |
Scan Control policy | . | 57 |
Scan Window policy | . | 59 |
Scan Exclusion policy | . | 61 |
Network Services policy | . | 62 |
Ad Hoc Scan Control policy | . | 64 |
Chapter 4. Understanding scanning |
|
|
|
processes in SiteProtector . . . . | . | . | 67 |
What is perspective? | . | . | 68 |
Defining perspectives | . | . | 69 |
Scan jobs and related terms | . | . | 71 |
Types of tasks | . | . | 72 |
Priorities for running tasks | . | . | 73 |
Stages of a scanning process | . | . | 74 |
Optimizing cycle duration, scan windows, and |
|
|
|
subtasks for Enterprise Scanner | . | . | 76 |
Chapter 2. Interpreting scan results in |
|
|
the Proventia Manager | . | 21 |
Running an ad hoc scan | . | 22 |
Monitoring the status of a scan | . | 23 |
Viewing the results of an ad hoc scan . . . . | . 24 | |
Exporting scan results from Proventia Manager . | . 24 | |
Purging scan data from the database | . 25 |
Part 2. Scanning from the SiteProtector Console . . . . . . . 27
Chapter 5. Background scanning in SiteProtector . . . . . . . . . . . . 79
Determining when background scans run . . . . 80 How policies apply to ad hoc and background scans 81 Background scanning checklists for Enterprise Scanner. . . . . . . . . . . . . . . . 83
Enabling background scanning | . 84 | |
Defining when scanning is allowed | . 85 | |
Defining ports or assets to exclude from a scan . | . 87 | |
Defining network services | . | 88 |
Defining assessment credentials for a policy . . | . | 89 |
Chapter 3. Enterprise Scanner policies
Policy inheritance with Enterprise Scanner policies Deploying an Enterprise Scanner policy from the policy repository . . . . . . . . . . .
Migrating a locally managed Enterprise Scanner agent into SiteProtector . . . . . . . . .
Viewing asset or agent policies for Enterprise Scanner. . . . . . . . . . . . . . .
Getting vulnerability help for a SiteProtector Console without Internet access . . . . . .
| 29 | Chapter 6. Monitoring scans in |
|
| |
| SiteProtector | . | 91 | ||
| 30 | Viewing your scan jobs | . | 92 | |
. | 31 | Viewing discovery job results | . | 92 | |
Viewing assessment job results | . | 93 | |||
. | 32 | Chapter 7. Managing scans in |
|
| |
. | 33 | SiteProtector | . | 95 | |
Stopping and restarting scan jobs | . | 96 | |||
|
| ||||
. | 34 | Suspending and enabling all background scans . | . 97 | ||
Minimum scanning requirements | . 98 | ||||
|
|
© Copyright IBM Corp. 1997, 2009 | v |