Configuring an Authenticated Scan Of the Windows Operating System
In JSA Vulnerability Manager, you can configure a scan of the Windows operating systems that are installed on your network. You can manually specify the credentials in the scan profile or use a credential set.
If scanning is performed without administrative privileges, then JSA Vulnerability Manager scans the remote registry for each installation on the Windows operating system.
Scanning without administrative privileges is incomplete, prone to false positives, and does not cover many third-party applications.
JSA Vulnerability Manager uses standard Windows operating system remote access protocols that are enabled by default in most windows deployments.
- Click the Vulnerabilities tab.
- In the navigation pane, select Administrative >Scan Profiles.
- On the toolbar, click Add.
When you create a scan profile, the only mandatory fields are Name and IP Addresses on the Details tab of the Scan Profile Configuration page. To configure an authenticated scan of the Windows operating system, you must also follow the remaining steps in this procedure.
- Click Use Centralized Credentials to scan your Windows operating systems.
You must configure a credential set or manually specify credentials for hosts before scan tools that require credentials can run.
If QVM cannot find a centralized credential set for the hosts that you are scanning, it uses existing credentials that you manually specify in the Additional Credentials tab.
- Click the When To Scan pane.
- In the Run Schedule list, select Manual.
If you want the scan to run at a later time, choose from one of the available Run Schedule options.
- Click the Additional Credentials area.
- In the Windows Patch Scanning area, type the Domain, Username, and Password for the
Windows hosts that you want to scan and click (>).
The domain name that you type is your Windows domain, not an internet domain.
- Click Save.
- In the Scan Profiles page, click Run.