JSA uses vulnerability assessment (VA) information to determine offense threat levels and remove false positives, by correlating event data, network activity, and behavioral changes.
To schedule scans and maintain your VA data, you can integrate JSA with VA tools such as third-party scanners. Depending on the scanner type, JSA imports scan results from the scanner server or initiates a scan remotely.
Scan results provide the system version and port number of each server in the Classless Inter-Domain Routing (CIDR) address range. The information shows the ports that are open and the vulnerabilities on the system.
Ensure that you download and apply the most recent scanner plug-ins.
For more information about configuring VA scanners, see the Juniper Secure Analytics Managing Vulnerability Assessment Guide.