Adding a McAfee Vulnerability Manager SOAP API Scan
You can add a McAfee Vulnerability Manager scanner to enable JSA to collect host and vulnerability information through the McAfee OpenAPI.
- Click the Admin tab.
- Click the VA Scanners icon.
- Click Add.
- In the Scanner Name field, type a name to identify the scanner.
- From the Managed Host list, select the managed
host that manages the scanner import.
Certificates for the scanner must be on the managed host that is selected in the Managed Host list.
- From the Type list, select McAfee Vulnerability Manager.
- In the SOAP API URL field, type the IP address
or hostname of the McAfee Vulnerability Manager that contains the
vulnerabilities you want to retrieve with the SOAP API.
For example, https://foundstone IP address:SOAP port. The default value is https://localhost:3800.
- In the Customer Name field, type the name of the customer that belongs to the user name.
- In the User Name field, type the user name to access McAfee Vulnerability Manager.
- In the Client IP Address field, type the IP
address of the server that you want to perform the scan.
This field is typically not used; however, it may be required for you to validate some scan environments.
- In the Password field, type the password to access McAfee Vulnerability Manager.
- In the Configuration Name field, type the scan
configuration name that exists in McAfee Vulnerability Manager
and to which the user has access.
Make sure that this scan configuration is active or runs frequently.
- In the CA Truststore field, type the directory
path and filename for the CA truststore file.
The default path is /opt/qradar/conf/mvm.keystore.
- In the CA Keystore field, type the directory
path and filename for the client keystore.
The default path is /opt/qradar/conf/mvm.truststore.
- From the McAfee Vulnerability Manager Version list, select the software version of your McAfee Vulnerability Manager.
- To remove previously detected vulnerabilities that were not detected by the most recent scan, select the Vulnerability Cleanup check box.
- To configure a CIDR range for the scanner:
Type the CIDR range for the scan or click Browse to select a CIDR range from the network list.
The McAfee Vulnerability Manager accepts only CIDR addresses ranges to a 0/0 subnet that are added as 0.0.0.0/0.
- Click Save.
- On the Admin tab, click Deploy Changes.
You are now ready to create certificates from McAfee Vulnerability Manager. See Creating Certificates for McAfee Vulnerability Manager.