Contents

Trademarks and Disclaimer . . . . . . iii

About this book . . . . . . . . . . . vii

Related publications . . . . . . . . . . . viii Technical support contacts . . . . . . . . . viii

Part 1. Scanning from the Proventia Manager . . . . . . . . . . . . . . 1

Chapter 1. Ad hoc scanning in the Proventia Manager . . . . . . . . . . 3

Section A: Network configuration	.	4
Configuring the management network interface	. 4
Configuring the scanning network interface . . . 5
Configuring scanning interface DNS settings .	. 6
Assigning perspective to a scanning interface .	. 7
Configuring routes for perspective	.	7
Section B: Policy configuration	.	8
Defining assets for a discovery scan . . . .	.	8
Displaying assessment checks by groups . . . . 9
Displaying information about assessment checks		10
Selecting assessment checks with filters . . .	.	11
Configuring common assessment settings for an
Assessment policy	.	12
Defining assessment credentials for a policy .	. 16
Defining the service names associated with TCP
and UDP ports	.	18
Defining ports or assets to exclude from a scan		19
Configuring and saving a scan policy in the
Proventia Manager	.	20

Agent policies for Enterprise Scanner	.	35
Agent policy descriptions for Enterprise Scanner		35
Network Locations policy	.	36
Notification policy	.	38
Access policy	.	39
Networking policy	.	40
Services policy	.	43
Time policy	.	44
Update Settings policy	.	45
Asset policies for Enterprise Scanner	.	45
Asset policy descriptions for Enterprise Scanner		45
Discovery policy	.	46
Assessment policy	.	48
Assessment Credentials policy	.	55
Scan Control policy	.	57
Scan Window policy	.	59
Scan Exclusion policy	.	61
Network Services policy	.	62
Ad Hoc Scan Control policy	.	64

Chapter 4. Understanding scanning
processes in SiteProtector . . . .	.	.	67
What is perspective?	.	.	68
Defining perspectives	.	.	69
Scan jobs and related terms	.	.	71
Types of tasks	.	.	72
Priorities for running tasks	.	.	73
Stages of a scanning process	.	.	74
Optimizing cycle duration, scan windows, and
subtasks for Enterprise Scanner	.	.	76

Chapter 2. Interpreting scan results in
the Proventia Manager	.	21
Running an ad hoc scan	.	22
Monitoring the status of a scan	.	23
Viewing the results of an ad hoc scan . . . .	. 24
Exporting scan results from Proventia Manager .	. 24
Purging scan data from the database	. 25

Part 2. Scanning from the SiteProtector Console . . . . . . . 27

Chapter 5. Background scanning in SiteProtector . . . . . . . . . . . . 79

Determining when background scans run . . . . 80 How policies apply to ad hoc and background scans 81 Background scanning checklists for Enterprise Scanner. . . . . . . . . . . . . . . . 83

Enabling background scanning	. 84
Defining when scanning is allowed	. 85
Defining ports or assets to exclude from a scan .	. 87
Defining network services	.	88
Defining assessment credentials for a policy . .	.	89

Chapter 3. Enterprise Scanner policies

Policy inheritance with Enterprise Scanner policies Deploying an Enterprise Scanner policy from the policy repository . . . . . . . . . . .

Migrating a locally managed Enterprise Scanner agent into SiteProtector . . . . . . . . .

Viewing asset or agent policies for Enterprise Scanner. . . . . . . . . . . . . . .

Getting vulnerability help for a SiteProtector Console without Internet access . . . . . .

	29	Chapter 6. Monitoring scans in
	29	SiteProtector	.	91
	30	Viewing your scan jobs	.	92
.	31	Viewing discovery job results	.	92
.	31	Viewing assessment job results	.	93
.	32	Chapter 7. Managing scans in
.	33	SiteProtector	.	95
.	33	Stopping and restarting scan jobs	.	96
		Stopping and restarting scan jobs	.	96
.	34	Suspending and enabling all background scans .	. 97
.	34	Minimum scanning requirements	. 98
		Minimum scanning requirements	. 98

IBM Partner Pavilion 2.3 manual Contents

Models: 2.3