Foundstone vulnerability scans

The Foundstone scanner must be configured using its GUI, as described in the Foundstone documentation.  Once it is configured, you can use the NetProfiler Administration > Integration > Vulnerability Scanning page to select among certain options that are configured on the Foundstone scanner.

To configure Quick scans and Deep scans by a Foundstone scanner:

1. Go to the Administration > Integration > Vulnerability Scanning page.

2. Select the Quick Scan or Deep Scan tab, as applicable.

3. Select Foundstone from the Scanner list box.

4. Fill in the Host name and Port fields with the IP address or the resolvable DNS host name and port number of the Foundstone Enterprise Manager or McAffee Vulnerability Manager.

5. Click Apply.  

6. Use the Authentication and Settings buttons to open pages for specifying the remaining information.

Authentication

Enter the username, password required for the NetProfiler to access the Foundstone scanner. Optionally, upload the files containing the customer-specific certificate and the certificate passphrase. Refer to the Foundstone documentation for information about the certificate file.  

Settings

Enter the settings that the Foundstone scanner is expecting to receive:

• Version Number

• Organizational Name

• API Server URL  (usually https:// hostname:3800)

• Scan Configuration Name

When the Create a new Scan Configuration for each scan checkbox is selected, a new scan configuration is created for each scan. Each configuration is given the name specified in the Scan Configuration Name field with the time stamp string appended.  

Automatic vulnerability scanning

Manually initiating a vulnerability scan

Types of vulnerability scans

Vulnerability scans