Contents

Trademarks and Disclaimer . . . . . . iii

About this book . . . . . . . . . . . vii

Related publications . . . . . . . . . . . viii Technical support contacts . . . . . . . . . viii

Part 1. Scanning from the Proventia Manager . . . . . . . . . . . . . . 1

Chapter 1. Ad hoc scanning in the Proventia Manager . . . . . . . . . . 3

Section A: Network configuration

.

4

Configuring the management network interface

. 4

Configuring the scanning network interface . . . 5

Configuring scanning interface DNS settings .

. 6

Assigning perspective to a scanning interface .

. 7

Configuring routes for perspective

.

7

Section B: Policy configuration

.

8

Defining assets for a discovery scan . . . .

.

8

Displaying assessment checks by groups . . . . 9

Displaying information about assessment checks

 

10

Selecting assessment checks with filters . . .

.

11

Configuring common assessment settings for an

 

 

Assessment policy

.

12

Defining assessment credentials for a policy .

. 16

Defining the service names associated with TCP

 

 

and UDP ports

.

18

Defining ports or assets to exclude from a scan

 

19

Configuring and saving a scan policy in the

 

 

Proventia Manager

.

20

Agent policies for Enterprise Scanner

.

35

Agent policy descriptions for Enterprise Scanner

 

35

Network Locations policy

.

36

Notification policy

.

38

Access policy

.

39

Networking policy

.

40

Services policy

.

43

Time policy

.

44

Update Settings policy

.

45

Asset policies for Enterprise Scanner

.

45

Asset policy descriptions for Enterprise Scanner

 

45

Discovery policy

.

46

Assessment policy

.

48

Assessment Credentials policy

.

55

Scan Control policy

.

57

Scan Window policy

.

59

Scan Exclusion policy

.

61

Network Services policy

.

62

Ad Hoc Scan Control policy

.

64

Chapter 4. Understanding scanning

 

 

 

processes in SiteProtector . . . .

.

.

67

What is perspective?

.

.

68

Defining perspectives

.

.

69

Scan jobs and related terms

.

.

71

Types of tasks

.

.

72

Priorities for running tasks

.

.

73

Stages of a scanning process

.

.

74

Optimizing cycle duration, scan windows, and

 

 

 

subtasks for Enterprise Scanner

.

.

76

Chapter 2. Interpreting scan results in

 

 

the Proventia Manager

.

21

Running an ad hoc scan

.

22

Monitoring the status of a scan

.

23

Viewing the results of an ad hoc scan . . . .

. 24

Exporting scan results from Proventia Manager .

. 24

Purging scan data from the database

. 25

Part 2. Scanning from the SiteProtector Console . . . . . . . 27

Chapter 5. Background scanning in SiteProtector . . . . . . . . . . . . 79

Determining when background scans run . . . . 80 How policies apply to ad hoc and background scans 81 Background scanning checklists for Enterprise Scanner. . . . . . . . . . . . . . . . 83

Enabling background scanning

. 84

Defining when scanning is allowed

. 85

Defining ports or assets to exclude from a scan .

. 87

Defining network services

.

88

Defining assessment credentials for a policy . .

.

89

Chapter 3. Enterprise Scanner policies

Policy inheritance with Enterprise Scanner policies Deploying an Enterprise Scanner policy from the policy repository . . . . . . . . . . .

Migrating a locally managed Enterprise Scanner agent into SiteProtector . . . . . . . . .

Viewing asset or agent policies for Enterprise Scanner. . . . . . . . . . . . . . .

Getting vulnerability help for a SiteProtector Console without Internet access . . . . . .

 

29

Chapter 6. Monitoring scans in

 

 

 

SiteProtector

.

91

 

30

Viewing your scan jobs

.

92

.

31

Viewing discovery job results

.

92

Viewing assessment job results

.

93

.

32

Chapter 7. Managing scans in

 

 

.

33

SiteProtector

.

95

Stopping and restarting scan jobs

.

96

 

 

.

34

Suspending and enabling all background scans .

. 97

Minimum scanning requirements

. 98

 

 

© Copyright IBM Corp. 1997, 2009

v

Page 5
Image 5
IBM Partner Pavilion 2.3 manual Contents