McAfee PASCDE-AB-IA Product Guide - Page 35

Add systems found by McAfee Vulnerability Manager scans to the System Tree

Page 35 highlights

Configuring agentless audits Configure McAfee Vulnerability Manager and the ePolicy Orchestrator extension Add systems found by McAfee Vulnerability Manager scans to the System Tree You can add systems discovered during a McAfee Vulnerability Manager scan to the ePolicy Orchestrator server System Tree. To use systems discovered by a McAfee Vulnerability Manager scan in McAfee Vulnerability Manager, the user must import the systems into the ePolicy Orchestrator server and make them available through the System Tree. Task For option definitions, click ? in the interface. 1 In the ePolicy Orchestrator user interface, click Menu | Systems | Detected Systems. 2 Select a Subnet in the Top 25 Subnets pane. 3 Select systems that you want to add to a System Tree group from the Rogue System Interfaces by Subnet list. Click Add to System Tree. The Add to System Tree page appears. 4 Click Browse and select a System Tree group. 5 Select Allow duplicate entries to be added to the System Tree only if you wish to allow duplicate entries in the System Tree. Caution: McAfee recommends caution when selecting this box, but there are valid reasons to use this feature. For example, you might have two systems with the same name but different IP addresses. 6 Click Add to add the selected systems to the selected group. 7 Repeat steps 2-6 to add other systems to System Tree groups. Create a Data Collection Scan Create a McAfee Policy Auditor Data Collection Scan to conduct audits requested by McAfee Policy Auditor. NOTE: Agentless audits conducted by McAfee Vulnerability Manager do not honor whiteout and blackout periods. Task For option definitions, click ? in the interface. 1 In the ePolicy Orchestrator user interface, click Menu | Risk & Compliance | Audits, then click Edit Foundstone Scans. The Scan Configuration page opens in a new browser window. 2 Click New Scan. The Scan Details page opens in a new browser window. Select Use a Vulnerability Manager template and click Next. The Vulnerability Templates appear. 3 Select McAfee Policy Auditor Data Collection Scan under the XCCDF Templates section. Click Next. 4 Supply a descriptive name for the scan and select Custom from the Type drop-down list. 5 McAfee Vulnerability Manager offers three methods to search for assets or to exclude systems from scans. Select one method or any combination of the three methods to include or exclude systems. When finished, click Next. The Settings tab appears. McAfee Policy Auditor 6.0 software Product Guide for ePolicy Orchestrator 4.6 35

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98

Add systems found by McAfee Vulnerability Manager scans to the
System Tree
You can add systems discovered during a McAfee Vulnerability Manager scan to the
ePolicy Orchestrator server System Tree.
To use systems discovered by a McAfee Vulnerability Manager scan in McAfee Vulnerability
Manager, the user must import the systems into the ePolicy Orchestrator server and make them
available through the System Tree.
Task
For option definitions, click
?
in the interface.
1
In the ePolicy Orchestrator user interface, click
Menu | Systems | Detected Systems
.
2
Select a
Subnet
in the
Top 25 Subnets
pane.
3
Select systems that you want to add to a System Tree group from the
Rogue System
Interfaces by Subnet
list. Click
Add to System Tree
.The Add to System Tree page
appears.
4
Click
Browse
and select a System Tree group.
5
Select
Allow duplicate entries to be added to the System Tree
only if you wish to allow
duplicate entries in the System Tree.
Caution:
McAfee recommends caution when selecting this box, but there are valid reasons
to use this feature. For example, you might have two systems with the same name but
different IP addresses.
6
Click
Add
to add the selected systems to the selected group.
7
Repeat steps 2
6 to add other systems to System Tree groups.
Create a Data Collection Scan
Create a McAfee Policy Auditor Data Collection Scan to conduct audits requested by
McAfee Policy Auditor.
NOTE:
Agentless audits conducted by McAfee Vulnerability Manager do not honor whiteout
and blackout periods.
Task
For option definitions, click
?
in the interface.
1
In the ePolicy Orchestrator user interface, click
Menu | Risk & Compliance | Audits
, then
click
Edit Foundstone Scans
. The Scan Configuration page opens in a new browser
window.
2
Click
New Scan
.The Scan Details page opens in a new browser window. Select
Use a
Vulnerability Manager template
and click
Next
.The Vulnerability Templates appear.
3
Select
McAfee Policy Auditor Data Collection Scan
under the XCCDF Templates section.
Click
Next
.
4
Supply a descriptive name for the scan and select
Custom
from the
Type
drop-down list.
5
McAfee Vulnerability Manager offers three methods to search for assets or to exclude
systems from scans. Select one method or any combination of the three methods to include
or exclude systems. When finished, click
Next
. The Settings tab appears.
Configuring agentless audits
Configure McAfee Vulnerability Manager and the ePolicy Orchestrator extension
35
McAfee Policy Auditor 6.0 software Product Guide for ePolicy Orchestrator 4.6