ContentsTrademarks and Disclaimer ......iii
About this book...........vii
Related publications ...........viii
Technical support contacts .........viii
Part 1. Scanning from the Proventia
Manager ..............1
Chapter 1. Ad hoc scanning in the
Proventia Manager ..........3
Section A: Network configuration .......4
Configuring the management network interface . 4
Configuring the scanning network interface . . . 5
Configuring scanning interface DNS settings . . 6
Assigning perspective to a scanning interface . . 7
Configuring routes for perspective ......7
Section B: Policy configuration ........8
Defining assets for a discovery scan .....8
Displaying assessment checks by groups ....9
Displaying information about assessment checks 10
Selecting assessment checks with filters ....11
Configuring common assessment settings for an
Assessment policy ...........12
Defining assessment credentials for a policy . . 16
Defining the service names associated with TCP
and UDP ports ............18
Defining ports or assets to exclude from a scan 19
Configuring and saving a scan policy in the
Proventia Manager ...........20
Chapter 2. Interpreting scan results in
the Proventia Manager ........21
Running an ad hoc scan ..........22
Monitoring the status of a scan........23
Viewing the results of an ad hoc scan .....24
Exporting scan results from Proventia Manager . . 24
Purging scan data from the database ......25
Part 2. Scanning from the
SiteProtector Console .......27
Chapter 3. Enterprise Scanner policies 29
Policy inheritance with Enterprise Scanner policies 30
Deploying an Enterprise Scanner policy from the
policy repository ............31
Migrating a locally managed Enterprise Scanner
agent into SiteProtector ..........32
Viewing asset or agent policies for Enterprise
Scanner................33
Getting vulnerability help for a SiteProtector
Console without Internet access .......34
Agent policies for Enterprise Scanner......35
Agent policy descriptions for Enterprise Scanner 35
Network Locations policy ........36
Notification policy ...........38
Access policy .............39
Networking policy ...........40
Services policy ............43
Time policy .............44
Update Settings policy..........45
Asset policies for Enterprise Scanner ......45
Asset policy descriptions for Enterprise Scanner 45
Discovery policy............46
Assessment policy ...........48
Assessment Credentials policy .......55
Scan Control policy...........57
Scan Window policy ..........59
Scan Exclusion policy ..........61
Network Services policy .........62
Ad Hoc Scan Control policy........64
Chapter 4. Understanding scanning
processes in SiteProtector ......67
What is perspective? ...........68
Defining perspectives ...........69
Scan jobs and related terms .........71
Types of tasks .............72
Priorities for running tasks .........73
Stages of a scanning process.........74
Optimizing cycle duration, scan windows, and
subtasks for Enterprise Scanner........76
Chapter 5. Background scanning in
SiteProtector ............79
Determining when background scans run ....80
How policies apply to ad hoc and background scans 81
Background scanning checklists for Enterprise
Scanner................83
Enabling background scanning ........84
Defining when scanning is allowed ......85
Defining ports or assets to exclude from a scan . . 87
Defining network services .........88
Defining assessment credentials for a policy . . . 89
Chapter 6. Monitoring scans in
SiteProtector ............91
Viewing your scan jobs ..........92
Viewing discovery job results ........92
Viewing assessment job results ........93
Chapter 7. Managing scans in
SiteProtector ............95
Stopping and restarting scan jobs .......96
Suspending and enabling all background scans . . 97
Minimum scanning requirements .......98
© Copyright IBM Corp. 1997, 2009 v