Adding the Full Scan Plus Scan Policy to JSA Vulnerability Manager

To add the Full Scan Plus scan policy to JSA Vulnerability Manager, you must download the QVM Engine for OpenVAS NVTs RPM Package Manager (RPM) from IBM Fix Central and install it on your JSA Console.

• Ensure you have JSA 7.3.1, Patch 3 or later installed.

• Ensure the JSA Vulnerability Manager processor and scanner are enabled.

1. Download the RPM from IBM Fix Central and save it in the /store/rpms directory on the Console.
2. Type the following command to install the RPM on the JSA Console:

   rpm -ivh /store/rpms/qvm-openvas-x.x-x.noarch.rpm

   Note

   In a High Availability environment, perform this step only on the primary console.

3. Type the following command to enable the Full Scan Plus scan policy:

   /store/qvm/openvas/ openvas_switch.sh enable

   Note

   Complete this step on the Console only. This step deploys the configuration to the entire system. No actions are required on Managed Hosts.

4. Run automatic updates by performing the following tasks:

   1. On the navigation menu, click Admin to open the admin tab.

   2. In the System Configuration section, click Auto Update.

   3. Click Get New Updates.

   4. If new updates appear on the list, click Install > All Updates.

   Note

   You must trigger Auto Update to complete the installation of the Full Scan Plus policy. At this time, additional tools are downloaded and installed. The scan policy will be available in the UI after this installation is complete. You must carry out this step, even if Auto Update has already run for the current day.