Table of Contents
Advertisement
7
Adding a
FoundScan
Scanner
Step 1
Step 2
Step 3
M
ANAGING
Once you install the STRM Foundstone FoundScan scanner, the scanner queries
the FoundScan Engine using the FoundScan OpenAPI. STRM collects
vulnerability data from existing scan results with FoundScan. Therefore, your
FoundScan system must include a configuration appropriate for STRM to use and
a scan that runs regularly to keep the results current. Since the API provides
access to the FoundScan application, make sure the FoundScan application runs
continuously on the FoundScan server.
When using SSL (default) to connect to FoundScan, the FoundScan Engine
requires STRM to authenticate using client-side certificates. By default,
FoundScan includes default certificate authority and client certificates that are the
same for all installations. The STRM FoundScan plugin also includes these same
certificates for use with FoundScan 5.0. If the FoundScan Server uses custom
certificates, or is using a version of FoundScan earlier than 5.1, you must import
the appropriate certificates and keys on the STRM host(s). For more information,
see
Importing Custom
This chapter includes information on configuring a FoundScan scanner including:
•
Adding a FoundScan Scanner
Editing a FoundScan Scanner
•
Deleting a FoundScan Scanner
•
Importing Custom Certificates
•
To add a FoundScan scanner:
In the Administration Console, click the SIM Configuration tab.
The SIM Configuration panel appears.
Click the VA Scanners icon.
The VA Scanners window appears.
Click Add.
The Add Scanner window appears.
Managing Vulnerability Assessment
F
S
OUND
Certificates.
S
CAN
CANNERS
Advertisement
Table of Contents
