McAfee PASCDE-AB-IA Product Guide - Page 29

Configuring agentless audits Configure McAfee Vulnerability Manager and the ePolicy Orchestrator extension The installation application automatically creates a server task named PA: Maintain Foundstone audits when you install the McAfee Vulnerability Manager extension. The task runs once per day by default. If you need to change the schedule, you should schedule it to run after the Data Collection Scan has had the opportunity to conduct audits so that audit results stay current. The purpose of the PA: Maintain Foundstone audits server task is to: • Adhere to audit frequency requirements by requesting audit results from McAfee Vulnerability Manager for any systems whose results expire within the next 24 hours. The task does not retrieve results from McAfee Vulnerability Manager, but requests McAfee Vulnerability Manager to update and assemble audit results from data in preparation for scanning systems and returning the results to McAfee Policy Auditor. • Synchronize information between McAfee Vulnerability Manager and McAfee Policy Auditor. For example, if you add or delete an audit from McAfee Vulnerability Manager, the task will add or delete an audit from McAfee Policy Auditor. • Distribute content, such as benchmarks, to the McAfee Vulnerability Manager server. If the benchmark has been updated on the ePolicy Orchestrator server, the task will update the benchmark on the McAfee Vulnerability Manager server. • Perform assorted cleanup tasks on the McAfee Vulnerability Manager server. The Data Import server task McAfee Vulnerability Manager uses the MVM Data Import server task to populate the ePolicy Orchestrator server database with system data from the McAfee Vulnerability Manager database. The server task automatically gathers new McAfee Vulnerability Manager database asset data on a regular schedule. For audit results to remain current, the task must be scheduled to run after the PA: Maintain Audits Server task has finished running. Server support Before configuring McAfee Vulnerability Manager server, it is important to understand how McAfee Vulnerability Manager and ePolicy Orchestrator work together. One McAfee Vulnerability Manager server can support multiple ePolicy Orchestrator servers running McAfee Policy Auditor. However, an ePolicy Orchestrator server running McAfee Policy Auditor can only integrate with one McAfee Vulnerability Manager server. Configure McAfee Vulnerability Manager and the ePolicy Orchestrator extension You can configure McAfee Vulnerability Manager and the McAfee Vulnerability Manager extension to discover systems, collect data, and synchronize this information with McAfee Policy Auditor. Tasks Create a McAfee Vulnerability Manager workgroup Configure the McAfee Vulnerability Manager single sign-on feature Create a data source to synchronize McAfee Vulnerability Manager and ePolicy Orchestrator Register a McAfee Vulnerability Manager database server with McAfee Policy Auditor McAfee Policy Auditor 6.0 software Product Guide for ePolicy Orchestrator 4.6 29