In JSA Vulnerability Manager, you can configure
a scan of the Windows operating systems that are installed on your
network. You can manually specify the credentials in the scan profile
or use a credential set.
If scanning is performed without administrative privileges,
then JSA Vulnerability Manager scans the remote registry
for each installation on the Windows operating system.
Scanning without administrative privileges is incomplete, prone
to false positives, and does not cover many third-party applications.
JSA Vulnerability Manager uses
standard Windows operating system remote access protocols that are
enabled by default in most windows deployments.
- Click the Vulnerabilities tab.
- In the navigation pane, select Administrative >Scan
Profiles.
- On the toolbar, click Add.
When you create a scan profile, the only mandatory fields are Name and IP Addresses on the Details tab of the Scan Profile Configuration page. To configure
an authenticated scan of the Windows operating system, you must also
follow the remaining steps in this procedure.
- Click Use Centralized Credentials to scan your
Windows operating systems.
You must configure a credential set or manually specify credentials
for hosts before scan tools that require credentials can run.
If QVM cannot find a centralized credential set for
the hosts that you are scanning, it uses existing credentials
that you manually specify in the Additional Credentials tab.
- Click the When To Scan pane.
- In the Run Schedule list, select Manual.
If you want the scan to run at a later time, choose from one
of the available Run Schedule options.
- Click the Additional Credentials area.
- In the Windows Patch Scanning area, type the Domain, Username, and Password for the
Windows hosts that you want to scan and click (>).
The domain name that you type is your Windows domain, not an
Internet domain.
- Click Save.
- In the Scan Profiles page, click Run.