McAfee MTP08EMB3RUA Product Guide - Page 160
What is the difference between PCI scans and McAfee SECURE scans?
UPC - 731944568133
View all McAfee MTP08EMB3RUA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 160 highlights
9 Using Vulnerability Scanning Error messages What is the difference between PCI scans and McAfee SECURE scans? The scanning process for PCI and McAfee SECURE are the same. They differ in the severity levels they assign to vulnerabilities. For example, if a vulnerability is discovered and assigned a severity level of 2 by the McAfee SECURE standard, that device is considered McAfee SECURE compliant. If the vulnerability is assigned a severity level of 3 by the PCI standard, it is not compliant with the PCI Data Security Standard. The PCI Data Security Standard requires that you demonstrate compliance quarterly. What does Advanced network discovery scanning do? Advanced network discovery technology reduces the difficulty in managing the security of large public IP networks. It allows you to quickly discover, identify, and monitor large numbers of network devices, or find rogue devices and unauthorized services across any specified IP subnet range. The PCI Data Security Standard requires that all active devices discovered within any IP ranges allocated to your company be included in your list of devices undergoing full vulnerability scanning. Does Dynamic IP scanning perform a vulnerability audit on network devices? Yes. Dynamic IP scanning is used to perform a vulnerability audit on network devices that do not have a domain name (URL) or static (permanent) IP address. These include networked office computers, computers used as point-of-sale payment terminals, and office, home, or mobile computers using DSL, ISDN, Cable, or dial-up Internet connections. Why am I able to add the same dynamic IP multiple times? The vulnerability scanning portal allows you to enter the same IP addresses for on-demand scans. Each time you add it, it will be scanned only once. Error messages This section includes error messages related to vulnerability scanning. Incomplete scan The most likely cause is that the McAfee IP addresses where scans originate are being blocked by your network's intrusion prevention method, such as a hardware or software firewall. To fix this problem, you must configure the devices you want to scan to accept communications from these IP addresses. 1 Check the most current listing of IP addresses at https://www.mcafeesecure.com/help/Scanlps.sa (accessible from the vulnerability scanning portal) or from the RSS feed at https:// www.mcafeesecure.com/help/Scanlps.rss. 2 Follow the instructions provided in the documentation for your intrusion prevention method, or give this list to your IT administrator. 160 McAfee Total Protection Service 5.1.5 Product Guide