Table of Contents
Advertisement
Chapter 13: Tracking and Remediation
Overview of the Remediation Process
Introduction
Process overview
Scanning
suggestions
186
You can use Enterprise Scanner to collect the following information about your enterprise:
What assets are on the enterprise networks?
●
What services are running on these assets?
●
What applications are running on these assets?
●
What vulnerabilities exist on these assets?
●
After Enterprise Scanner has collected this information, you can determine which
conditions require attention and create work tickets from the SiteProtector Console.
The following table outlines a remediation process using SiteProtector:
Task
Description
1
Scan your network using Enterprise Scanner.
2
View the information in the SiteProtector Console, and determine which situations require
further investigation.
3
Create and assign tickets for work to be completed.
4
Track tickets and edit status as necessary throughout the remediation process.
5
Report on tickets as necessary throughout the remediation process.
6
Close tickets in one of the following ways:
•
manually
•
automatically after system verification has been completed
Table 67: Remediation process
If you are relying on regular background scans to verify and close tickets, make sure that
the cycle duration is short enough to verify work items within the time period allocated.
That is, if your company policy states that high risk vulnerabilities be corrected within 24
hours, make sure that a background scan happens within 24 hours to verify completion.
If you do not want to modify the cycle duration for your background scans, you can run
an ad hoc scan to verify and close tickets that are pending system verification.
IBM Internet Security Systems
Advertisement
Table of Contents
