Adding an IBM SiteProtector Vulnerability Scanner
JSA can poll IBM InfoSphere SiteProtector appliances for vulnerability data with JDBC.
Administrators can add multiple IBM SiteProtector scanners to JSA, each with a different configuration. Multiple configurations provide JSA with the ability to query SiteProtector and only import results from specific CIDR ranges. The scan schedule determines the frequency with which the database on the SiteProtector scanner is queried for vulnerability data.
- Click the Admin tab.
- Click the VA Scanners icon.
- Click Add.
- In the Scanner Name field, type a name to identify the IBM SiteProtector scanner.
- From the Managed Host list, select the managed host from the JSA deployment that manages the scanner import.
- From the Type list, select IBM SiteProtector Scanner.
- In the Hostname field, type the IP address or host name of the IBM SiteProtector that contains vulnerabilities to import.
- In the Port field, type 1433 as the port for the IBM SiteProtector database.
- In the Username field, type the username required to query the IBM SiteProtector database.
- In the Password field, type the password required to query the IBM SiteProtector database.
- In the Domain field, type the domain required,
if required, to connect to the IBM SiteProtector database.
If the database is configured for Windows and inside a domain, you must specify the domain name.
- In the Database Name field, type RealSecureDB as the database name.
- In the Database Instance field, type the database instance for the IBM SiteProtector database. If you are not using a database instance, you can leave this field blank.
- Select the Use Named Pipe Communication if named pipes are required to communicate to the IBM SiteProtector database. If you are using SQL authentication, disable Named Pipe Communication. By default, this check box is clear.
- Select the Use NTLMv2 check box if the IBM
SiteProtector uses NTLMv2 as an authentication protocol. By default,
this check box is clear.
The Use NTLMv2 check box forces MSDE connections to use the NTLMv2 protocol when communicating with SQL servers that require NTLMv2 authentication. The Use NTLMv2 check box is selected, it has no effect on MSDE connections to SQL servers that do not require NTLMv2 authentication.
- To configure a CIDR range for the scanner:
In the text field, type the CIDR range for the scan or click Browse to select a CIDR range from the network list.
- Click Save.
- On the Admin tab, click Deploy Changes.
You are now ready to create a scan schedule. See Scheduling a Vulnerability Scan