TRIPWIRE PURECLOUD. TRIPWIRE PureCloud USER GUIDE

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "TRIPWIRE PURECLOUD. TRIPWIRE PureCloud USER GUIDE"

Transcription

1 TRIPWIRE PURECLOUD TRIPWIRE PureCloud USER GUIDE

2 Tripwire, Inc. All rights reserved. Tripwire and ncircle are registered trademarks of Tripwire, Inc. Other brand or product names may be trademarks or registered trademarks of their respective companies or organizations. Contents of this document are subject to change without notice. Both this document and the software described in it are licensed subject to Tripwire s End User License Agreement located at unless a valid license agreement has been signed by your organization and an authorized representative of Tripwire. This document contains Tripwire confidential information and may be used or copied only in accordance with the terms of such license. Tripwire, Inc. One Main Place 101 SW Main St., Suite 1500 Portland, OR US Toll-free: TRIPWIRE main: fax:

3 Contents Chapter 1. Summary 6 Overview 7 Document List 8 Contact Information 9 Chapter 2. System Recommendations 10 Recommendations 11 Network Configuration 11 Chapter 3. Getting Started 12 Quickstart Scan 13 Logging in to PureCloud 14 Installing a PureCloud Secure Connector 15 Understanding the PureCloud Secure Connector 15 Installing the PureCloud Secure Connector 15 Running a Discovery Scan 18 Adding Credentials 20 Scheduling Scans 23 PureCloud Dashboard 24 Chapter 4. Scanning 28 Scan Profiles 29 Network Settings 30 Scan Settings 34 Credential Settings 37 Schedule Settings 41 Configuring Schedule Settings 41 Scan Types 45 3

4 Vulnerability Scans 46 Discovery Scans 47 Web Application Scans 48 Custom Scan 51 Scan on Demand 52 Running On Demand Scans 52 PCI Scans 53 Setting up you PCI Profile 53 Accessing the PCI Dashboard 53 Completing a PCI Scan 54 Understanding PureCloud PCI Scan Results 58 Remediating PCI Scan Results 58 Disputing and Submitting PCI Scan Results 59 Scan Status 63 Chapter 5. Configuring 64 Remote Secure Connectors 65 Users 66 Configuring New Users 66 Configuring User Roles 67 Managing Users 68 User and Account Settings 70 User Settings 71 Account Settings 74 Chapter 6. Integrating 75 SIH 76 Integrating PureCloud with Tripwire Security Intelligence Hub 76 Third Party Integrations 78 Chapter 7. Managing 79 PureCloud Secure Connectors 80 4

5 Viewing PureCloud Secure Connectors 80 Enabling or Disabling PureCloud Secure Connectors 80 Editing PureCloud Secure Connectors 81 Deleting PureCloud Secure Connectors 82 5

6 Chapter 1. Summary Guide Summary Document List 6

7 Overview Tripwire PureCloud is a cloud-based vulnerability scanner that allows you to: Scan both internal and external networks without having to purchase hardware or open up holes in your firewall Assess the security of remote offices, partners, and M&A targets Understand risks and vulnerabilities that exist outside your firewall This guide outlines Tripwire PureCloud's functionality and details the information required to ensure that PureCloud is configured to meet your organizational needs. 7

8 Document List Tripwire PureCloud includes the following documentation set: Tripwire PureCloud User Guide - details configuration options and field explanations for PureCloud end-users. 8

9 Contact Information Tripwire US Web site: Tripwire International Phone: TRIPWIRE ( ) Web site: Tripwire Technical Support Online support: Support policies: US toll-free: TWSUPPORT ( ; 6am-6pm PST/PDT) EMEA toll-free: (9am-9pm CET/CEST) Australia toll-free: Direct phone: Tripwire Professional Services Tripwire Professional Services provides a wide range of services, including Tripwire Quickstarts, Turnkey Implementations, Change Auditing, and Process Improvement. For more information, please visit or contact your Tripwire sales representative. Tripwire Educational Services Tripwire Educational Services provides hands-on technical training for the installation, configuration, and maintenance of your Tripwire software. All courses are taught by Tripwire Certified Instructors. For more information, please contact your Tripwire sales representative or visit 9

10 Chapter 2. System Recommendations Recommendations 10

11 Recommendations This section outlines Tripwire's system recommendations for a successful deployment of Tripwire PureCloud. Browsers Tripwire recommends operating PureCloud using the following supported browsers: Google Chrome (latest version as of 12/01/2014) Internet Explorer (versions 10 or 11) Mozilla Firefox (latest version as of 12/01/14) Secure Connector The PureCloud Secure Connector should be installed on a Windows host. The following versions of Windows are supported: Windows 7 Windows Server 2003 Windows Server 2008 Windows Vista Installing the Secure Connector on hosts running non-windows operating systems is not supported. Network Configuration If your network is configured to block outbound traffic, please ensure that the machine running the Tripwire Secure Connector can make outbound connections to purecloud.ncircle.com using the following ports: UDP or 443 TCP You may also need to whitelist PureCloud source IP addresses. Internal Scans - Whitelist the IP address of the machine hosting the PureCloud Secure Connector External Scans - Whitelist the following ranges of IP addresses hosted by PureCloud / /25 11

12 Chapter 3. Getting Started Quickstart Scan Logging in to PureCloud Running a Discovery Scan Adding Credentials Scheduling a Scan PureCloud Dashboard 12

13 Quickstart Scan This section will introduce you to the basic concepts of scanning with Tripwire PureCloud, including: Initial log in to PureCloud Installing a PureCloud Secure Connector Running a basic Discovery Scan Adding Credentials for more robust scanning Adding a Scan Schedule Following the instructions in this section, you should be able to complete your first PureCloud scan in approximately 30 minutes. This section serves as an introduction. More in-depth information can be found in the following sections of this guide. 13

14 Logging in to PureCloud PureCloud accounts are created by PureCloud Administrators. Once your account has been created, you will receive an from Click the link contained in the to set your password. You will not be able to log in to your PureCloud account until you have set your password and registered the account. Logging in to PureCloud Once your account has been registered, you can log in to PureCloud by navigating to the following URL: On the PureCloud Login screen, enter your address and the password you used to register your account. Note Your address and password are case-sensitive. Click Login. 14

15 Installing a PureCloud Secure Connector Depending on the type of scan you are running, you may need to install a PureCloud Secure Connector. Scans that include only external, publicly visible IP addresses can be performed without installing a PureCloud Secure Connector. For scans that include internal IP addresses, a PureCloud Secure Connector is required. Before you can run a scan, you must install a PureCloud Secure Connector on the machine from which scans will be initiated. Installing a PureCloud Secure Connector is free, so you can install PureCloud Secure Connectors on as many devices as necessary. Note The PureCloud Secure Connector should only be installed on a Windows machine by a user with Administrator privileges. For a list of supported Windows versions, see System Recommendations. Understanding the PureCloud Secure Connector The PureCloud Secure Connector handles routing scans of internal IP addresses to PureCloud's cloud-based scanners. Because of this, the PureCloud Secure Connector does not use a lot of the hosting computer's bandwidth or system resources. On average, an internal scan will consume approximately 14KB per second to perform a scan. Additionally, the PureCloud Secure Connector runs as a service in the background. During a scan, the PureCloud Secure Connector makes an outbound connection to PureCloud to establish a connection for the scan. The connection only lasts for the duration of the scan. The PureCloud Secure Connector uses very little resources on the hosting computer. Installing the PureCloud Secure Connector PureCloud Secure Connectors should be installed on a server or desktop that is always running. If the PureCloud Secure Connector is installed on a machine that is regularly shut down, any scans that are configured to run during that downtime will be cancelled since the PureCloud Secure Connector will not be online to establish connectivity. PureCloud Secure Connectors should be installed on a machine that has network access to each of the networks that will be scanned using the PureCloud Secure Connector. For segmented networks, you need to install a PureCloud Secure Connector on each network. To install the PureCloud Secure Connector for a new account 1. After logging in to PureCloud on the machine from which PureCloud scans will be initiated, you will see the PureCloud Dashboard. In the Scan Profiles pane of the PureCloud Dashboard, click Add New Scan Profile. 15

16 2. In the Scan Profile Configuration pane, click Download New Connector. 3. In the Secure Connector pop up, click Save File to confirm the download. 4. Your new connector will display in the Connector drop-down menu. Once the Secure Connector has been installed, you can run a Discovery Scan. Note If you will be scanning networks that must go through a proxy to reach external websites, the Secure Connector will have to be configured to use that proxy. To do so, run the PureCloud Config Tool by navigating to C:\Program Files \Tripwire PureCloud Secure Connector\PureCloudConfigTool.exe on the computer on which the PureCloud Secure Connector is installed. To install the PureCloud Secure Connector for an existing account 1. After logging in to PureCloud on the machine from which PureCloud scans will be initiated, you will see the PureCloud Dashboard. At the bottom of the Scan Profiles pane of the PureCloud Dashboard, click Add. 2. In the Scan Profiles Configuration pane, click Download New Connector. 16

17 3. In the Secure Connector pop up, click Save File to confirm the download. 4. Your new connector will display in the Connector drop-down menu. 17

18 Running a Discovery Scan A discovery allows PureCloud to identify the hosts on your network. Using the results of the discovery scan will help you configure additional PureCloud settings, such as adding credentials. To run an initial Discovery Scan 1. Initiate a Discovery Scan from the PureCloud Dashboard in one of the following ways: a. For an initial Discovery Scan, click Add New Scan Profile in the Scan Profiles pane of the PureCloud Dashboard. b. For additional Discovery Scans, click Add in the Scan Profiles pane of the PureCloud Dashboard. 2. In the Scan Profile Configuration pane, type a name for the Scan Profile. 3. Select the Secure Connector you would like to use for the scan: If your scan includes only external, publicly visible IP addresses, select Perimeter Scan from the drop-down menu. If your scan includes an internal IP addresses, select the PureCloud Secure Connector you installed. 4. Select the network range for the of Discovery Scan: Standard Scan - to scan the entire network on which the host machine resides Scan Cloud Hosts - to scan Amazon EC2 accounts Scan Specific Devices - to scan a specified network range. You can enter a single host or an IP range. To add specific devices a. In the Add Devices text box, type the network space for the devices you want to scan. Devices can be entered as single IP addresses or IP ranges. b. Click to add the devices to the scan profile. c. The new devices added to the scan profile will be displayed in the Hosts table. 18

19 5. Click Finish to save your Scan Profile. When a new Scan Profile is saved, PureCloud will give you the option to run a scan using the new Scan Profile. Click OK to run an immediate scan. By default, PureCloud will run a Vulnerability Scan on the standard set of commonly used TCP and UDP ports. If you would like to save the Scan Profile without running a scan, click Cancel. 19

20 Adding Credentials Once your Discovery Scan has completed, you can add credentials to the devices included in the scan profile. For more details about adding credentials to a PureCloud scan, see Credential Settings. To add credentials to a scan profile 1. In the Scan Profiles pane of the PureCloud Dashboard, select the scan profile to which you want to apply credentials. 2. Click Editat the bottom of the Scan Profiles pane. 3. On the Scan Profiles Configuration pane, click Continue. 4. On the Scan Settings pane, click Continue. 5. On the Credentials pane, add credentials for the devices included in the network. Configuring Credentials a. At the bottom of the Credentials pane, click Add. b. In the Add Login pane, type a name for the credential set. Tripwire recommends that the name you enter here be descriptive enough to help you identify the devices to which it belongs. For example, "ALP87Laptop". c. Use the Type drop-down menu to select the type of credential to configure. The following options are available: 20

21 Windows SSH (Password) SSH (Key) SNMPv1 Web Form Web HTTP For more information about the types of credentials available and the information required for each credential type, see Credential Settings. d. Enter the required credential information for the credential type selected. e. Click Create. Once your credentials have been created, they will appear in the Login list under the tab for that specific credential type. 21

22 6. Apply credentials to devices in your network. Applying Credentials to Devices a. Select that tab that contains the credential you would like to apply to a device in your network. b. In the Login pane, select the credential you would like to apply. c. In the Target Device pane, place a check next to the device or devices to which you would like to apply the credential. 7. Continue steps 6 and 7 until all your credentials are configured and applied to devices. 8. Click Finish. 22

23 Scheduling Scans Configure a scan schedule allows you to specify when to run a PureCloud scan for the selected Scan Profile. PureCloud scans can be configured to run one time at a specified time or on a recurring schedule. Scan Profiles are not required to have an assigned scan schedule. Scan Profiles that are not assigned a scan schedule will not run automatically. For more information about running a scan on demand, see Scan On Demand. One Time Scheduled Scans One Time Scheduled Scans are scans that run once on the date and time you specify. Recurring Scans To configure a One Time Scan 1. On the Schedule Setting page of the Scan Profile wizard, select One time only. 2. Enter the date and time for the scan to run. 3. Click Finish. Recurring Scans are scans that run continually according to the schedule that you specify. Recurring Scans can be configured to run weekly or monthly, on a specific day of the week or month. To configure a Recurring Scan 1. On the Schedule Settings page of the Scan Profile wizard, select Recurring. 2. Use the drop-down menus to select whether to run the scan Weekly or Monthly. 3. Use the On day drop down to select the day of the week or month on which to run the scan. 4. Enter a time for the scan to run. 5. Click Finish. 23

24 PureCloud Dashboard The PureCloud Dashboard provides an at-a-glance overview of your Scan Profiles, Scan Results, and network health. The PureCloud Dashboard is divided into three panes: Scan Profile The Scan Profile pane displays all of the Scan Profiles that have been associated with your PureCloud account, including all the Scan Profiles created by the users on your PureCloud account. You can view additional Scan Profile details by clicking click.. To minimize the details window, The Scan Profiles pane can be filtered according to the PureCloud Connector used to perform a scan. To filter the Scan Profiles pane by Connector, use the Connector drop-down menu to select the desired connector. 24

25 Scan Results/Scan Progress The Scan Results or Scan Progress pane displays scan information related to the Scan Profile selected in the Scan Profile pane. When a scan is actively running on the Scan Profile, the Scan Progress pane will be displayed when the Scan Profile is selected. The Scan Progress pane displays the scan progress for each host on the network. When a scan has completed, PureCloud displays the Scan Results pane when the Scan Profile is selected. The Scan Results pane displays information related to the last scan performed by PureCloud on the network, including host IP addresses, hostname, operating system, and host score. 25

26 Note If no devices are displayed in the Scan Results pane after running an internal scan, the computer hosting the PureCloud Secure Connector may not have been able to route to the intended scan targets or networks. Check basic network connectivity and verify that there are no additional firewalls or security controls in place that would block the connection between the computer hosting the PureCloud Secure Connector and the scan targets. Network Overview The Network Overview pane displays an overview of the health of your network in relation to PureCloud benchmarks. The overview is displayed graphically using the following analytics: Average Risk Score bar chart - a historical overview of the Average Risk Score for the selected network Devices by Vulnerability Severity pie chart - an overview of the Vulnerability Severity for devices on the selected network. CVSS scoring is based off a scale of 1 to 10. Low = CVSS scores from 1 to 3.9 Medium = CVSS scores from 4 to 6.9 High = CVSS scores from 7 and above Note If the Devices by Vulnerability Severity pie chart is all green, indicating that no vulnerabilities were found, it is likely that credentials have not been provided for the hosts on the network or that no hosts have been found. Common remediation steps include: Adding or modifying credentials assigned to the hosts in the Scan Profile Adding or modifying the ports configured in the Scan Profile Both of these metrics provide PureCloud benchmark data so you can compare your organizations security posture against the benchmark. The PureCloud benchmark is calculated using the following metrics: Average Risk Score benchmark- Average Risk Score for all hosts in all scans during that month Devices by Vulnerability Severity benchmark - Based on the highest vulnerability CVSS score on each device. 26

27 27

28 Chapter 4. Scanning Scan Profiles Network Settings Scan Settings Credential Settings Schedule Settings Scan Types Vulnerability Scans Web Application Scans Custom Vulnerability Scans Scan on Demand Scan Status 28

29 Scan Profiles A Scan Profile contains all the information that PureCloud needs to successfully complete a scan, including: The IP space to be scanned The type of scan to be performed The credentials for assets on the network The schedule by which the scan should be run The following section explains how to configure the information contained in the Scan Profile. 29

30 Network Settings Configuring a Scan Profile's network settings allows you to define the IP space that you would like it to scan using the selected Scan Profile. Using network settings, you can configure the following items: IP Space Connector used to perform scan Configuring Network Settings The network settings configured in the Scan Profile will be applied to all scans using the selected Scan Profile. To run a scan with different network settings, either configure a new Scan Profile or edit an existing one. To configure a new Scan Profile 1. On the Scan Profile pane of the PureCloud Dashboard, click Add. 2. On the Network Settings page, configure the scan network. 3. Click Finish to save the Scan Profile. When a new Scan Profile is saved, PureCloud will also give you the option to run a scan using the Scan Profile. Click OK to start the scan. To save the Scan Profile without running a scan, click Cancel. Alternately, click Continue to configure Scan Settings, Network Credentials, and Scan Schedule. 30

31 Network Name To edit an existing Scan Profile 1. On the Scan Profile pane of the PureCloud Dashboard, select the Scan Profile that you would like to edit, and click Edit. 2. On the Scan Profile's Network Setting page, edit the Scan Profile's network settings Continue. 3. Click Finish to save the edited Scan Profile. Alternately, click Continue to configure Scan Settings, Network Credentials, and Scan Schedule. Device Group Name text box allows you to enter a user-friendly name to identify this Scan Profile. This name entered in the Device Group Name text box will be displayed as the Scan Profile's Name in the Scan Profile pane of the PureCloud Dashboard. Connector A PureCloud Connector is used to perform a PureCloud scan on internal IP addresses. Each connector associated with the PureCloud account will be displayed in the Connector dropdown menu. To select a Connector with which to perform the scan, use the Connector drop-down menu. 31

32 Network Options Alternately, install a new PureCloud Connector. For more information on installing a new Connector, see Installing a PureCloud Secure Connector. A PureCloud Secure Connector is not required to perform scans on external, publicly visible IP addresses. If you are performing a scan of only external IP addresses, select Perimeter Scan from the drop-down menu. PureCloud allows you to configure the Scan Profile's network space using one of the following methods: Standard Scan - to scan the entire network on which the host machine resides. The host machine is the machine on which the PureCloud Connector for the selected Scan Profile is installed. Devices can be entered as single IP addresses or IP ranges. This option is not available if you have selected Perimeter Scan from the PureCloud Secure Connector drop-down menu. Scan Cloud Hosts - to automatically discover the active IP addresses in your Amazon EC2 account. When you select this option, you will need to provide the API Access Key to the account that PureCloud will use to pull down a list of active IP addresses for scanning. After this occurs, the IP addresses are added as defined IP addresses in the Scan Profile. This option is not available if you have selected Perimeter Scan from the PureCloud Secure Connector drop-down menu. Scan Specific Devices - to scan a specified network range. You can enter a single host or an IP range. Note When you configure your network for scanning, please note the following scanning constraints: Internal scans should be limited to a single subnet (/24) or up to 256 IP addresses on the same subnet. The PureCloud Secure Connector does not support scanning across multiple subnets at one time. For example, if you want to scan /24 and /21, two Scan Profiles should be configured. External scans should be limited to no more than 1024 IP addresses. 32

33 If the network that you need to scan is only reachable through a different NIC that the one that has the active connection to the internet, you can configure PureCloud to scan networks using alternate interfaces via the PureCloud Command Line menu. To access the PureCloud Command Line menu run, launch the following file from the Windows directory on which the PureCloud Secure Connector has been installed: C:\Program Files (x86) \Tripwire PureCloud Secure Connector\PureCloudConfigTool.exe To add specific devices a. In the Add Devices text box, type the network space for the devices you want to scan. Devices can be entered as single IP addresses or IP ranges. b. Click to add the devices to the scan profile. c. The new devices added to the scan profile will be displayed in the Hosts table. 4. Click Continue to continue configuring Scan Profile settings. Alternately, click Finish to save the Scan Profile. 33

34 Scan Settings Scan Settings allow you to configure the following parameters for the selected Scan Profile: Scan Type (Vulnerability Scan, Web Application Scan, or Custom Vulnerability Scan) Additional Ports (TCP and UDP) Network Utilization Configuring Scan Settings The scan settings configured in the Scan Profile will be applied to all scans using the selected Scan Profile. To run a scan with different scan settings, either configure a new Scan Profile or edit an existing one. To configure a new Scan Profile 1. On the Scan Profile pane of the PureCloud Dashboard, click Add. 2. Configure the scan network. For more information about configuring scan networks, see Network Settings. Click Continue. 3. On the Scan Settings page, configure the Scan Profile's scan settings. 4. Click Finish to save the Scan Profile. When a new Scan Profile is saved, PureCloud will also give you the option to run a scan using the Scan Profile. Click OK to start the scan. To save the Scan Profile without running a scan, click Cancel. 34

35 Alternately, click Continue to configure information required for certain Scan Types, Network Credentials, and Scan Schedule. To edit an existing Scan Profile 1. On the Scan Profile pane of the PureCloud Dashboard, select the Scan Profile that you would like to edit, and click Edit. 2. On the Scan Profile's Network Setting page, click Continue. 3. On the Scan Settings page, edit the Scan Profile's scan settings. 4. Click Finish to save the edited Scan Profile. Alternately, click Continue to configure information required for certain Scan Types, Network Credentials, and Scan Schedule. Scan Type Additional Ports During Scan Profile configuration, you can select the type of scan you would like the selected Scan Profile to perform. PureCloud provides the following options: Vulnerability Scan - identifies security vulnerabilities or weaknesses on computers, computer systems, networks, and applications. For more information on configuring Vulnerability Scans, see Vulnerability Scans. Web Application Scan - identifies security vulnerabilities or weaknesses on web applications and architecture. Before a Web Application Scan can be completed, additional configuration must be completed. For more information on configuring Web Application Scans, see Web Application Scans. Custom Vulnerability Scan - identifies the presence of specific vulnerabilities. Before a Custom Vulnerability Scan can be completed, additional configuration must be completed. For more information on configuring Custom Vulnerability Scans, see Custom Vulnerability Scans. PureCloud scans common TCP and UDP ports during each scan. To configure additional ports 1. Enter additional ports to be scanned in either the TCP Port Scan or UDP Port Scan text boxes. 2. Click Continue to continue configuring Scan Profile settings. Alternately, click Finish to save the Scan Profile. 35

36 Network Utilization PureCloud allows you limit the bandwidth used to perform scans. To configure Network Utilization 1. Select On in the Network Utilization toggle. 2. Use the unit drop-down to select the bit unit: Kilobits Megabits 3. Enter the value to which you want to limit the bandwidth used for scanning. 4. Click Continue to continue configuring Scan Profile settings. Alternately, click Finish to save the Scan Profile. 36

37 Credential Settings PureCloud allows you to save your networks credentials so that they can be used each time a scan is run. PureCloud administrators can configure where credentials get stored. By default, credentials are saved in PureCloud's secure cloud credentials store. The cloud credentials store allows the credentials to be managed in one central location that can be accessed by each PureCloud Secure Connector registered to your account. Alternately, you can store credentials to the PureCloud Secure Connector. When credentials are stored on the PureCloud Secure Connector, the credentials have to be managed on each PureCloud Secure Connector individually. To configure credentials to store to the PureCloud Secure Connector, navigate to My Account > Settings > Account Settings. Note The credentials storage location is a global setting and will impact all users assigned to this PureCloud account. PureCloud accepts the following credential types: Table 1. Credential Types Credential Type Required Values Advanced Values Windows Name - User-friendly name to identify this set of credentials Username Password SSH (Password) Name - User-friendly name to identify this set of credentials Username Password SSH (Key) Name - User-friendly name to identify this set of credentials Username Private Key (DSA) SNMPv1 Name - User-friendly name to identify this set of credentials Community String 37

38 Credential Type Required Values Advanced Values WEB Form Name - User-friendly name to identify this set of credentials WEB HTTP Username Password Login URL Name - User-friendly name to identify this set of credentials Username Password Authorization Method: Determined at Scan Time (Default)- Uses authentication method provided by the webserver Basic Digest NTLM To add credentials to a scan profile 1. In the Scan Profiles pane of the PureCloud Dashboard, select the scan profile to which you want to apply credentials. 2. Click Editat the bottom of the Scan Profiles pane. 3. On the Scan Profiles Configuration pane, click Continue. 4. On the Scan Settings pane, click Continue. 38

39 5. On the Credentials pane, add credentials for the devices included in the network. Configuring Credentials a. At the bottom of the Credentials pane, click Add. b. In the Add Login pane, type a name for the credential set. Tripwire recommends that the name you enter here be descriptive enough to help you identify the devices to which it belongs. For example, "ALP87Laptop". c. Use the Type drop-down menu to select the type of credential to configure. d. Enter the required credential information for the credential type selected. e. Click Create. Once your credentials have been created, they will appear in the Login list under the tab for that specific credential type. 6. Apply credentials to devices in your network. Applying Credentials to Devices a. Select that tab that contains the credential you would like to apply to a device in your network. b. In the Login pane, select the credential you would like to apply. c. In the Target Device pane, place a check next to the device or devices to which you would like to apply the credential. 39

40 7. Continue steps 5 and 6 until all your credentials are configured and applied to devices. 8. Click Finish. 40

41 Schedule Settings Schedule settings allow you to specify when you want PureCloud to perform a scan using the selected Scan Profile. From the Schedule Settings page, you can configure the following information: SmartScan Scan Schedule Configuring Schedule Settings The schedule settings configured in the Scan Profile will be applied to all scans using the selected Scan Profile. To run a scan with different schedule settings, either configure a new Scan Profile or edit an existing one. To configure a new Scan Profile 1. On the Scan Profile pane of the PureCloud Dashboard, click Add. 2. Configure the scan network. For more information about configuring scan networks, see Network Settings. Click Continue. 3. Configure the scan settings. For more information about configuring scan settings, see Scan Settings. Click Continue. Note If you have enabled Web Application Scanning or Custom Vulnerability Scanning, click Continue to advance past the scan type specific configuration pages. 41

42 4. Configure credentials. For more information about configuring credentials, see Credential Settings. Click Continue. 5. On the Schedule Settings page, edit the schedule settings. Click Finish to save the Scan Profile. When a new Scan Profile is saved, PureCloud will also give you the option to run a scan using the Scan Profile. Click Run. Click OK to start the scan. To save the Scan Profile without running a scan, click Cancel. Alternately, click Continue to configure information required for certain Scan Types, Network Credentials, and Scan Schedule. To edit an existing Scan Profile 1. On the Scan Profile pane of the PureCloud Dashboard, select the Scan Profile that you would like to edit, and click Edit. 2. On the Scan Profile's Network Setting page, click Continue. 3. On the Scan Settings page, click Continue. Note If you have enabled Web Application Scanning or Custom Vulnerability Scanning, click Continue to advance past the scan type specific configuration pages. 4. On the Credentials Settings page, click Continue. 5. On the Schedule Settings page, edit the schedule settings. 6. Click Finish to save the edited Scan Profile. Smart Scan Smart Scan allows your organization to benefit from constant monitoring for Zero-day and high risk threats that may impact your network. When enabled, PureCloud will perform a vulnerability scan each time Tripwire's security research team, VERT, identifies new high-risk threats. Once the scan is complete, you will receive an describing the threat, including which devices on your network are likely to be at risk and steps to mitigate the risk. To enable Smart Scan 1. On the Schedule Settings page of the Scan Profile wizard, select On on the Smart Scan toggle. 2. Click Finish to save the Scan Profile. 3. Alternately, configure a scan schedule, and then click Finish. 42

43 Note Enabling Smart Scan will allow PureCloud to perform a vulnerability scan only on the network configured in the selected Scan Profile. To enable Smart Scan for additional devices, additional Scan Profiles should be configured or edited to include Smart Scanning. Scan Schedule Configure a scan schedule allows you to specify when to run a PureCloud scan for the selected Scan Profile. PureCloud scans can be configured to run one time at a specified time or on a recurring schedule. Scan Profiles are not required to have an assigned scan schedule. Scan Profiles that are not assigned a scan schedule will not run automatically. For more information about running a scan on demand, see Scan On Demand. One Time Scheduled Scans One Time Scheduled Scans are scans that run once on the date and time you specify. To configure a One Time Scan 1. On the Schedule Setting page of the Scan Profile wizard, select One time only. 2. Enter the date and time for the scan to run. Note The timezone displayed reflects the timezone configured for your user account. User account time settings can be modified under My Account > User Profile> User Information. Recurring Scans 3. Click Finish. Recurring Scans are scans that run continually according to the schedule that you specify. Recurring Scans can be configured to run weekly or monthly, on a specific day of the week or month. To configure a Recurring Scan 1. On the Schedule Settings page of the Scan Profile wizard, select Recurring. 2. Use the drop-down menus to select whether to run the scan Weekly or Monthly. 43

44 3. Use the On day drop down to select the day of the week or month on which to run the scan. 4. Enter a time for the scan to run. 5. Click Finish. 44

45 Scan Types Tripwire PureCloud allows you to run a variety of scans, including: Vulnerability Scans Discovery Scans Web Application Scans Custom Vulnerability Scans These scans can be run according to the schedule defined in the Scan Profile or can be run as On Demand. This section details how to configure each of the available scan types. Additionally, it outlines how to perform an On Demand, or non-scheduled scan 45

46 Vulnerability Scans Running a Vulnerability Scan allows PureCloud to assess the computers, computer systems, networks, applications in your network for security vulnerabilities and weaknesses. Vulnerability Scans can also be used to satisfy PCI DSS If you need to complete a scan that satisfies PCI DSS , you should run a PCI Scan. For instructions on running a PCI Scan, see PCI Scans. Configuring a Vulnerability Scan Vulnerability Scanning is the default scan type PureCloud will use for any Scan Profile. For each Scan Profile, you can enable additional scan types to be run, or you can disable a Vulnerability Scan. To configure a Vulnerability Scan Note By default, Vulnerability Scanning is enabled for all Scan Profiles. You can configure a Scan Profile to run one or more scan types. 1. On the Scan Profile pane of the PureCloud Dashboard, click Add. Alternately, select an existing Scan Profile, and then click Edit. 2. Configure the scan network. For more information about configuring scan networks, see Network Settings. Click Continue. 3. On the Scan Settings page, ensure the Vulnerability Scan toggle is set to On. 4. Configure additional scan settings. 5. Click Continue to continue configuring Scan Profile settings. Alternately, click Finish to save the Scan Profile. 46

47 Discovery Scans A discovery allows PureCloud to identify the hosts on your network. Using the results of the discovery scan will help you configure additional PureCloud settings, such as adding credentials. Configuring a Discovery Scan To configure a Discovery Scan 1. On the Scan Profile pane of the PureCloud Dashboard, click Add. Alternately, select an existing Scan Profile, and then click Edit. 2. Configure the scan network. For more information about configuring scan networks, see Network Settings. Click Continue. 3. On the Scan Settings page, ensure the Vulnerability Scan toggle is set to Off. 4. Configure additional scan settings. 5. Click Continue to continue configuring Scan Profile settings. Alternately, click Finish to save the Scan Profile. 47

48 Web Application Scans Web Application Scans perform vulnerability detection and network risk analysis on virtual hosts. Configuring a Web Application Scan To configure a Web Application Scan Note Scanning of web application typically take longer to complete than non-web application hosts. Tripwire recommends configuring any web applications to their own Scan Profile for scanning. 1. On the Scan Profile pane of the PureCloud Dashboard, click Add. Alternately, select an existing Scan Profile, and then click Edit. 2. Configure the scan network. For more information about configuring scan networks, see Network Settings. Click Continue. 3. On the Scan Settings page, ensure the Web Application Scan toggle is set to On. 4. Confirm the Recursion Limit and Page Limit settings. Recursion Limit: Determines how deep into a web page the scan will go. For example, the index page may have links to additional pages only accessible from a sub-menu on the index page. This structure may extend to multiple levels. The default value is 3. Recursion values greater than 5 can cause scanning delays. Page Limit: Count of the total number of pages to be scanned. If you set the page limit to 100, the scan will terminate after 100 pages have been scanned. The default value for this setting is -1. This setting tells the system to scan every page it finds. 5. Configure additional scan settings. 6. Click Continue. 7. On the Virtual Hosts page, you can add, edit, or remove virtual hosts. 48

49 To add virtual hosts a. On the Virtual Hosts page, click Add. b. On the Virtual Hosts Configuration page, enter the following information: IP Address: The IP Address of the host you are configuring. This address must exist in the address space for the network Host name (Optional) Include Path: This field allows you to define additional pages that you d like to spider that may not be linked directly on the site itself. (Optional) Exclude Path: This field allows you to create a blacklist of pages you don t want scanned. They will be excluded if discovered. c. Click OK. Your virtual host should appear in the table on the Virtual Hosts page. To edit virtual hosts a. On the Virtual Hosts page, select an existing Virtual Host, and then click Edit. b. On the Virtual Host Configuration page, edit the virtual host's settings. c. Click OK to save your changes. To remove virtual hosts a. On the Virtual Hosts page, select an existing Virtual Host, and then click Remove. b. The virtual host will be removed from the Web Application scan. 8. Click Continue to continue configuring the Scan Profile. 49

50 Alternately, click Finish to save the Scan Profile. Note Credentials should be configured for all web application scans; otherwise, PureCloud may only be able to find vulnerabilities on your publicly available pages. 50

51 Custom Scan A Custom Vulnerability Scan allows you to select the vulnerabilities that PureCloud should scan for using the selected Scan Profile. Configuring a Custom Vulnerability Scan To configure a Custom Vulnerability Scan Note You can configure a single Scan Profile to run one or more scan types. 1. On the Scan Profile pane of the PureCloud Dashboard, click Add. Alternately, select an existing Scan Profile, and then click Edit. 2. Configure the scan network. For more information about configuring scan networks, see Network Settings. Click Continue. 3. On the Scan Settings page, ensure the Custom Vulnerability Scan toggle is set to On. 4. Configure additional scan settings. 5. Click Continue. 6. On the Custom Vulnerability Scan page, select the vulnerabilities you would like PureCloud to scan for when performing this scan. You can filter the Vulnerability table to display specific vulnerabilities using the search box in the upper right corner. Vulnerabilities can be filtered by Vulnerability Name, Vulnerability ID, or CVE ID. For the most accurate results, Tripwire recommends searching for Vulnerabilities using the associated CVE ID. Only the vulnerabilities selected will be included in the scan. 7. Click Continue to continue configuring the Scan Profile. Alternately, click Finish to save the Scan Profile. 51

52 Scan on Demand An On Demand scan is a scan that is runs one time immediately after you tell PureCloud to perform the scan. On Demand scans can be performed for scans that do not have a configured schedule or to run scans outside of the scheduled times assigned to a Scan Profile. When run, On Demand scans adhere to the same constraints defined in the Scan Profile. Running On Demand Scans To run an On Demand scan 1. On the Scan Profile pane of the PureCloud dashboard, select the Scan Profile for which to perform an On Demand scan. 2. At the bottom of the Scan Profile pane, click Run. 52

53 PCI Scans PCI Scanning allows you to assess your network for Payment Card Industry (PCI) Data Security Standards. Note PureCloud scanning can only be completed by customers that have purchased the PCI scanning licenses. To purchase PCI Scanning licenses, contact your PureCloud sales rep. PCI Scans are initiated and managed using the PCI Scanning Dashboard, and they comprise two parts: an Asset Discovery Audit and a Vulnerability Assessment. Running a PCI Scan using the following instructions will satisfy PCI DSS If you need to complete a scan that satisfies PCI DSS , you should run a Vulnerability scan from the PureCloud Dashboard. For instructions on running a Vulnerability Scan, see Vulnerability Scans. Setting up you PCI Profile If this is your first time running a PCI Scan, you will be prompted to complete your user profile and set up a PureCloud PCI subscription before you run a Vulnerability Assessment. If a valid subscription does not exist, please contact your Tripwire Sales representative or for assistance. Paid subscriptions can be viewed by clicking My Account > Subscription in the PureCloud interface. Once a valid subscription is associated with your PureCloud account, the option to run a PCI vulnerability scan will be enabled. Note When you are setting up your user profile, you will be given the option to generate an API Access Code. Not all PureCloud PCI users need to generate an API Access Code. If an API Access Code is generated, be sure to store the code in a secure location. PureCloud PCI will only show an API Access Code one time. If the code is lost or forgotten, a new API Access Code will need to be generated. Accessing the PCI Dashboard PCI Scans are configured and managed using the PCI Dashboard. To access the PCI Dashboard Navigate to the PCI Scanning dashboard by clicking the PCI Scan link. 53

54 From the PureCloud PCI Scanning dashboard you can run a Discovery or Vulnerability Scan, or you can view the results of previously completed scans. Completing a PCI Scan A PCI Scan has two parts: an Asset Discovery Audit and a Vulnerability Assessment. Step 1: Complete a Discovery Audit To begin a PureCloud PCI scan, a Discovery Scan must be run in order to identify live assets in your scan scope. Note A PCI Discovery Audit differs from a Network Discovery scan, which detects all hosts regardless of PCI applicability. 1. To configure an asset discovery audit, click on the Discover Assets button. This opens the Discover Assets pane. 2. In the Discover Assets pane, enter a discovery target. A discovery target can be a CIDR address block or a fully qualified DNS name. For PCI discovery scanning purposes, Tripwire recommends that you only add specific hosts or CIDR ranges for the hosts to which your PCI scan applies. Part of the PCI process will be to amend or exclude any hosts that are not applicable to your PCI scan. 54

55 3. Select the correct Target Attribute based on whether or not your assets are behind load balancers. 4. After your scan has been configured correctly, click Start Scan. A notification will be sent from PureCloud when your scan has started. Once the scan is complete, you will receive a scan completion including a link to your Asset Discovery Audit results. Alternately, you can view your scan results by clicking View Results in the PureCloud PCI dashboard. Your Discovery Scan results will appear in the View Results dashboard. If the assets found in the Discovery Scan require IP exclusions or if new hosts need to be added, this can be accomplished by editing the Scan Scope in the Vulnerability Scan dashboard. 55

56 Step 2: Complete a Vulnerability Scan Once your asset discovery audit has completed, the next step is to perform a Vulnerability Scan on the discovered assets. 1. To start a complete a Vulnerability Scan, click Vulnerability Scan. 2. To run a Vulnerability Scan, select an available scan scope by clicking the radio button next to the desired scan scope. Scan scopes for a Vulnerability Scan are based on the Discovery Audits run against your organization s scan targets. 3. Set a scan schedule. Vulnerability scans can be set to run immediately or at a given time in the future. To run the scan immediately a. Select the Audit Now radio button. b. Click Start Scan. To schedule a vulnerability scan for a future date or time 56

57 a. Select the Schedule Audit for radio button. b. Configure the date and time on which you would like the scan to run. c. Click Start Scan. Your scan will start on the date and time that you ve selected. 4. On the Scan Confirmation page, verify that the scan is configured for the correct targets, and click Start Scan. You will receive a Start Audit message when your Vulnerability Scan has begun. While the scan is running, scan status can be viewed in the View Results dashboard. Once the Vulnerability Scan has completed, you will receive an that includes a link to your Vulnerability Scan results. You can also view your scan results by clicking View Results in the PureCloud PCI dashboard. 57

58 The Vulnerability Scan results will show if the scan target is PCI compliant, the number of open issues that exist (findings), as well as provide options for Attestation, Summary, and Detailed reports. Understanding PureCloud PCI Scan Results As PureCloud conforms to the current PCI standards required as an ASV, the following sections provide information from which elaborate on PCI reporting aspects, remediation steps, and disputing results. Per PCI Standards, scan results are represented via the following reports: 1. ASV Scan Report Attestation of Scan Compliance (Attestation Report) This is the overall summary that shows whether the scan customer s infrastructure received a passing scan and met the scan validation requirement. 2. ASV Scan Report Executive Summary (Summary Report) This section lists vulnerabilities by components (IP address) and shows whether each scanned IP address received a passing score and met the scan validation requirement. This section shows all vulnerabilities noted for a given IP address, with one line per noted vulnerability. For example, an IP address will show one line when one vulnerability is noted, but will have five lines if five vulnerabilities are noted. 3. ASV Scan Report Vulnerability Details (Details Report) This section is the overall summary of vulnerabilities that shows compliance status (pass/fail) and details for all vulnerabilities detected. This section of the report is in vulnerability order, showing each affected IP address as a specific line item for a given vulnerability. Remediating PCI Scan Results If your PCI scan results indicate a failed scan, review the vulnerabilities listed in the scan s Details report. A web link is included within each vulnerability description that will allow you to view additional vulnerability details, including remediation steps. After the required remediation steps have been performed, you can rescan at no additional cost if it is within 30 days of the original PCI vulnerability scan. Exceeding this period will require a new PCI scan to be run. 58

59 Disputing and Submitting PCI Scan Results Per PCI Standards, scan customers may dispute the findings in the ASV scanning report, including but not limited to: Vulnerabilities that are incorrectly found (false positives) Vulnerabilities that have a disputed CVSS Base score Vulnerabilities for which a compensating control is in place Exceptions in the report Conclusions of the scan report List of components designated by scan customer as segmented from PCI DSS scope Inclusive ASV scans or ASV scans that cannot be completed due to scan interference Per PCI Standards, scan customers must provide written evidence that supports disputed findings. Scan customers should submit system-generated evidence such as screen dumps, configuration files, system versions, file versions, list of installed patches, etc. Such systemgenerated evidence must be accompanied by a description of when, where, and how the evidence was obtained (chain of evidence). For more information regarding PCI Standards and the Dispute process, please refer to the latest ASV Program Guide ( Submitting PCI Scan Amendments in PureCloud 1. To submit a PCI Scan amendment, click on the Amend Report icon in the scan results dashboard. The Amend Report page will display, showing the Amend Report ID, an option to submit the amendment report, and an option to dispute/enter amendments for each finding in the report. 59

60 2. Enter any required amendments. To avoid potential delay, it is recommended to submit as much detail as possible. To enter an amendment for a single finding a. Enter amendment details in the Amendment Edit submission text box. b. Select the associated amendment type (false positive/compensating control). c. Click the corresponding Save button to save your entry. To enter amendments for multiple findings 60

61 a. A Group Amendment may be entered that will apply to all findings associated the vulnerability. 3. When all necessary amendments have been saved, submit your Amendments for review by clicking the Submit for Review button. A Tripwire ASV reviewer will process your amendment request(s) and will either approve each amendment entry or deny each amendment entry if requirements have not been met or additional information is needed. Note Once amendments have been submitted for review, no additional amendments or changes to existing amendments can be submitted until the ASV reviewer has completed the amendment review process. When the Amendment process is complete, and if approvals are granted by the ASV reviewer, a passing scan result will be granted. 4. With a passing scan result, users will have the option to submit the scan results by clicking on the Online Submit button. 5. Once you have clicked Online Submit button, you can enter the address to which you would like the report URL to be sent. 61

62 62 PureCloud allows you to send to reports to a single address; however, if additional recipients are needed, click the Online Submit option again and enter a new address as needed.

63 Scan Status When a scan is being performed, PureCloud allows you to view scan data, such as scan status and progress. Note You are not required to remain logged in to your PureCloud account in order for an initiated scan to complete. If you are in the PureCloud interface when a scan initiates, you can navigate away from the PureCloud page, or even close your browser window. PureCloud will you when your scan is complete. A scan's current status can be viewed in the PureCloud dashboard. The Scan Profile pane shows the overall progress of the scan. Selecting a Scan Profile will display additional details. When a currently running Scan Profile is select in the Scan Profile pane, the right pane of the PureCloud dashboard changes from Scan Results to Scan Progress. Note Scan progress details can only be displayed for one currently running scan at a time. To view the Scan Progress of another scan, select another Scan Profile. The Scan Progress pane displays the scan progress of each of the IP addresses including in the network to be scanned. When the scan completed, the Scan Progress pane will revert back to a Scan Results pane. 63

64 Chapter 5. Configuring Remote Secure Connectors Users User Settings and Account Settings User Settings Account Settings 64

65 Remote Secure Connectors To facilitate scanning of remote facilities, PureCloud allows you to manage remote PureCloud Secure Connectors. Only new PureCloud Secure Connectors can be distributed remotely. The PureCloud Secure Connector will need to be installed on a machine at the remote location before the location can be scanned. Installing a PureCloud Secure Connector in a remote location Before installing a PureCloud Secure Connector in a remote location, establish a user account for your remote contact. This person will be responsible for only installation of the PureCloud Secure Connector. 1. In the Scan Profile pane, click the PureCloud Secure Connectors drop-down menu. 2. At the bottom of the PureCloud Secure Connectors list, click Manage Connectors. 3. Click Distribute. 4. Enter the following required information: PureCloud Secure Connector Name Address of your remote contact 5. Click Distribute. An containing a link to download the PureCloud Secure Connector will be sent to the remote user. Once the remote user downloads the PureCloud Secure Connector, it will automatically register with your PureCloud account. After the PureCloud Secure Connector has been installed in the remote location, a PureCloud Administrator needs to enable the Connector before it can be used in any scan configurations. For information about enabling PureCloud Secure Connectors, see PureCloud Secure Connectors. 65

66 Users PureCloud Administrators can configure and manage PureCloud user accounts. Configuring New Users 1. In the PureCloud administrative links, located at the top right side of the web page, click Admin. 2. On the User Management dashboard, click Add. 3. On the Add User page, enter the following required information: First Name Last Name Address 4. (Optional) On the Add User page, enter the following optional information: Title Telephone Number Address City Postal Code Country Timezone (Default value is UTC) Language (Default value is English) 5. Click Save. 66

67 Once the user is created, he or she will receive an from PureCloud instructing them to complete their account registration. Configuring User Roles PureCloud offers two user roles: Administrator - can configure scans, view scan results, and manage users Non-Administrator - can configure scans and view scan results By default, new users are configured with non-administrative privileges. Only Administrative users can configure user roles. To configure user roles 1. On the User Management dashboard, select the user to which you want to assign a role. 2. Click Edit. 3. Click Permissions. 4. In the Modify User pane, assign the User Role: Administer - To assign the Administer role, ensure that the "User is an admin with full permissions" toggle is set to On. Non-Administrator - To assign the non-administrator role, ensure that the "User is an admin with full permissions" toggle is set to Off. 5. Click Save Permissions to save your changes. 67

68 Managing Users PureCloud Administrators can edit, delete, or disable any existing Tripwire PureCloud user account. The User Management table can be filtered by user's First Name, Last Name, or address. This allows you to quickly locate the user accounts that you want to manage. To filter the User Management table, enter filter criteria in the Filter String text box and press the Enter key on your keyboard. The users displayed in the User Management table will reflect your filter criteria. To clear the filter criteria, delete the text in the Filter String text box and press Enter on your keyboard. To edit a PureCloud user account Editing a PureCloud user account allows you to make changes to any of the user fields without having to create a new user entry. 1. In the PureCloud administrative links, located at the top right side of the web page, click Admin. 2. On the User Management dashboard, select the user account you would like to edit, and then click Edit. 3. On the Modify User page, edit the desired fields. 4. Click Save. 68

69 To delete a PureCloud user account Deleting a PureCloud user account allows you to permanently remove a user from your PureCloud instance. In order for a deleted user to access PureCloud, a new user account will need to be created. 1. In the PureCloud administrative links, located at the top right side of the web page, click Admin. 2. On the User Management dashboard, select the user account you would like to delete, and then click Delete. 3. In the Confirm User Deletion pop-up, confirm that you would like to delete the user account by clicking Delete. To disable or enable a PureCloud user account Disabling a PureCloud user account allows you to disable user access to PureCloud. Disabled user accounts will still appear in the User Management table. Disabled accounts can be identified by the following symbol in the Status column of the User Management table: 1. In the PureCloud administrative links, located at the top right side of the web page, click Admin. 2. On the User Management dashboard, select the user account you would like to edit, and then click Disable. Disabled user accounts can be re-enabled at any time. To enable a disabled PureCloud user account, navigate to the User Management table, select the user account you would like to enable, and then click Enable. 69

70 User and Account Settings Users are automatically assigned to the PureCloud account on which they are created. Once created users can perform the following actions regarding their user settings: View and edit User Profile Change password Update User Settings PureCloud Administrators can also perform the following actions regarding the PureCloud account settings: Generate an API Access Key View Subscription details Update Account Settings 70

71 User Settings All users can view and edit their user profile, update their user settings, and reset their password. To access user settings To access user settings, click My Account in the upper right corner of the PureCloud interface. Viewing and Editing User Profile You can view and edit your user profile at any time using the My Account link. To edit your user profile, add or modify information in any of the user profile fields, and then click Update. Update User Settings Users settings allow users to apply specific settings to the account on which the setting is configured. User settings are not globally applied to other user accounts associated with the PureCloud account. PureCloud provides the following user setting: See failed and cancelled scans in the dashboard 71

72 By default, PureCloud only displays scan results for scans that completed successfully in the Scan Results pane of the PureCloud Dashboard. Enabling the "See failed and cancelled scans in the dashboard" option will result in all scan results, including those for failed and cancelled scans to be visible in the Scan Results pane. To update user settings 1. Click My Account in the upper right corner. 2. On the User Profile page, click Settings in the upper right corner. 3. Under user settings, place a check in the "See failed and cancelled scans in the dashboard" check box. 4. Click Submit. Updating your Password All users can update their user account password at any time. Passwords must contain at least 6 characters and be medium complexity of greater. To update your password 1. Click My Account in the upper right corner. 2. On the User Profile page, click Password Changein the upper right corner. 3. Type the following required information: Old Password - your current PureCloud password New Password - what you would like to change your PureCloud password to New Password Confirmation - the same password entered in the New Password text box 4. Click Change my password. The next time you log in to PureCloud, use the new password you configured. 72

73 73

74 Account Settings PureCloud Administrators can view subscription details and set global account settings. To access account settings To access user settings, click My Account in the upper right corner of the PureCloud interface. Viewing Subscription Details PureCloud Administrators can view PureCloud subscription details at any time using the My Account link. On the Scan Profile page, click Subscription. This view also allows you to see the number of vulnerability licenses that have been used. 74

75 Chapter 6. Integrating Security Intelligence Hub (SIH) Third Party Integration 75

76 SIH PureCloud can integrate with Tripwire Security Intelligence Hub (SIH). By integrating PureCloud with SIH, you can consolidate your risk assessment process by using SIH to view PureCloud data and run reports. Additionally, by pulling PureCloud data into SIH, you gain the ability to manipulate and assess the data at an enterprise level. This consolidation of reporting and analytics will you provide you a seamless and in-depth understanding of your network's security posture. Note The PureCloud/SIH integration feature is a separately purchased module. If you have not already purchased the module, contact your PureCloud Sales Representative or Tripwire Technical Support. Integrating PureCloud with Tripwire Security Intelligence Hub PurCloud/SIH integration must be configured by an SIH Administrator on the machine on which SIH is installed. Note Before beginning the SIH integration, you should create a new user account that is provisioned exclusively for integrating with SIH. For information on creating a new user account, see Users. 1. On the machine on which SIH is installed, locate "Tripwire Security Intelligence Hub" in the programs directory, and select Configuration Wizard. 2. On the Database Configuration page of the wizard, click Next. 3. On the External Data Source Configuration page of the wizard, select VnE in the dropdown menu. 4. (Optional) Enable the PureCloud integration so that data can be pulled from PureCloud for use in SIH reports. 5. (Optional) Enable using PureCloud as the default directory server. 6. Enter the following required information: Name - A user-friendly name to identify this data source as your PureCloud instance Hostname - Enter purecloud-ncircle.com Administrative User - the address used to register your PureCloud account Note Tripwire recommends using a PureCloud Administrative Account that has been provisioned exclusively for integration with SIH. Password/Confirm Password - the password for the PureCloud account 76

77 Check Interval - Determines the frequency with which you would like SIH to check PureCloud for updates and changes. While you can decide to leave the default value of 10 minutes, Tripwire recommends increasing the value to 30 minutes since PureCloud has fewer changes and updates than a Tripwire IP360 VnE. 7. Click OK. Pull Days - Determines the number of days before the current date and time for which you want to upload scan data from PureCloud. If you leave the default value of 0 days, only future scan data will load. 8. Click Finish to have SIH begin pulling data from PureCloud. Note Only unlocked scans will be imported into SIH. A locked scan is a scan that consists of more found hosts than the account was licensed for at the time of the scan. To remediate the issue, run another scan once a license has been applied with the correct number of IP addresses. If it is imperative that the locked scan is pushed into SIH, once a license has been applied, you may contact Technical Support for assistance. 77

78 Third Party Integrations PureCloud allows you to export scan results in the following formats: CSV XML XML3 Using exported scan results, you can integrate PureCloud scan data with third party products that have the ability to consume data in these formats. To export scan results 1. In the Scan Profile pane, select the scan profile for which you would like to download the scan report. 2. In the Scan Results pane, click the Download report drop-down menu. 3. Select the desired format for the exported report: Informational PDF - includes a summary of scan results, including assessment summary, benchmark statistics, top vulnerabilities, and solution details Actionable PDF - includes a more in-depth view of scan results, including summary information, host configuration checks, and remediation details CSV XML2 XML3 Once your report has generated, you will be prompted to download the report. 78

79 Chapter 7. Managing PureCloud Secure Connectors 79

80 PureCloud Secure Connectors PureCloud Administrators can manage the PureCloud Secure Connectors associated with the PureCloud account. Viewing PureCloud Secure Connectors PureCloud Administrators can view all the PureCloud Secure Connectors associated with the PureCloud account, as well as see the Secure Connector's status. To view PureCloud Secure Connectors 1. In the Scan Profiles pane, click the PureCloud Secure Connectors drop-down menu. 2. At the bottom, click Manage Connectors. 3. In the Manage Connectors window, view the PureCloud Secure Connectors associated with this PureCloud account, including hostname, network, last check-in, and status. Status information includes: - Connector is installed, registered, and ready to be used in a scan configuration - Connector has been sent to a recipient but has not been installed yet - Connector has been installed and registered, but is currently disabled - Connector is not currently connected to PureCloud and cannot be used for a scan Enabling or Disabling PureCloud Secure Connectors PureCloud Administrators can enable or disable PureCloud Secure Connectors. Only enabled PureCloud Secure Connectors can be used in scan configurations. 80

81 To enable or disable PureCloud Secure Connectors 1. In the Scan Profiles pane, click the PureCloud Secure Connectors drop-down menu. 2. At the bottom, click Manage Connectors. 3. Select the PureCloud Secure Connector that you would like to enable or disable from the list of Connectors. 4. Click Enable or Disable. The PureCloud Secure Connector's status should change to reflect your selection. Editing PureCloud Secure Connectors PureCloud Administrators can edit the name of PureCloud Secure Connectors. To edit a PureCloud Secure Connector name 1. In the Scan Profiles pane, click the PureCloud Secure Connectors drop-down menu. 2. At the bottom, click Manage Connectors. 3. Select the PureCloud Secure Connector that you would like to edit, and then click Edit. 4. In the Connector Name text box, enter a new name for the Connector. 81

Nessus Enterprise Cloud User Guide. October 2, 2014 (Revision 9)

Nessus Enterprise Cloud User Guide. October 2, 2014 (Revision 9) Nessus Enterprise Cloud User Guide October 2, 2014 (Revision 9) Table of Contents Introduction... 3 Nessus Enterprise Cloud... 3 Subscription and Activation... 3 Multi Scanner Support... 4 Customer Scanning

More information

GETTING STARTED WITH THE PCI COMPLIANCE SERVICE VERSION 2.3. May 1, 2008

GETTING STARTED WITH THE PCI COMPLIANCE SERVICE VERSION 2.3. May 1, 2008 GETTING STARTED WITH THE PCI COMPLIANCE SERVICE VERSION 2.3 May 1, 2008 Copyright 2006-2008 by Qualys, Inc. All Rights Reserved. Qualys, the Qualys logo and QualysGuard are registered trademarks of Qualys,

More information

OneLogin Integration User Guide

OneLogin Integration User Guide OneLogin Integration User Guide Table of Contents OneLogin Account Setup... 2 Create Account with OneLogin... 2 Setup Application with OneLogin... 2 Setup Required in OneLogin: SSO and AD Connector...

More information

System Administration Training Guide. S100 Installation and Site Management

System Administration Training Guide. S100 Installation and Site Management System Administration Training Guide S100 Installation and Site Management Table of contents System Requirements for Acumatica ERP 4.2... 5 Learning Objects:... 5 Web Browser... 5 Server Software... 5

More information

Nessus Perimeter Service User Guide (HTML5 Interface) March 18, 2014 (Revision 9)

Nessus Perimeter Service User Guide (HTML5 Interface) March 18, 2014 (Revision 9) Nessus Perimeter Service User Guide (HTML5 Interface) March 18, 2014 (Revision 9) Table of Contents Introduction... 3 Nessus Perimeter Service... 3 Subscription and Activation... 3 Multi Scanner Support...

More information

IBM Security QRadar Vulnerability Manager Version 7.2.1. User Guide

IBM Security QRadar Vulnerability Manager Version 7.2.1. User Guide IBM Security QRadar Vulnerability Manager Version 7.2.1 User Guide Note Before using this information and the product that it supports, read the information in Notices on page 61. Copyright IBM Corporation

More information

TRUSTWAVE VULNERABILITY MANAGEMENT USER GUIDE

TRUSTWAVE VULNERABILITY MANAGEMENT USER GUIDE .trust TRUSTWAVE VULNERABILITY MANAGEMENT USER GUIDE 2007 Table of Contents Introducing Trustwave Vulnerability Management 3 1 Logging In and Accessing Scans 4 1.1 Portal Navigation and Utility Functions...

More information

Eucalyptus 3.4.2 User Console Guide

Eucalyptus 3.4.2 User Console Guide Eucalyptus 3.4.2 User Console Guide 2014-02-23 Eucalyptus Systems Eucalyptus Contents 2 Contents User Console Overview...4 Install the Eucalyptus User Console...5 Install on Centos / RHEL 6.3...5 Configure

More information

Web Application Firewall

Web Application Firewall Web Application Firewall Getting Started Guide August 3, 2015 Copyright 2014-2015 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks

More information

Configuration Guide. BES12 Cloud

Configuration Guide. BES12 Cloud Configuration Guide BES12 Cloud Published: 2016-04-08 SWD-20160408113328879 Contents About this guide... 6 Getting started... 7 Configuring BES12 for the first time...7 Administrator permissions you need

More information

PCI Compliance. Network Scanning. Getting Started Guide

PCI Compliance. Network Scanning. Getting Started Guide PCI Compliance Getting Started Guide Qualys PCI provides businesses, merchants and online service providers with the easiest, most cost effective and highly automated way to achieve compliance with the

More information

IBM Security QRadar Vulnerability Manager Version 7.2.6. User Guide IBM

IBM Security QRadar Vulnerability Manager Version 7.2.6. User Guide IBM IBM Security QRadar Vulnerability Manager Version 7.2.6 User Guide IBM Note Before using this information and the product that it supports, read the information in Notices on page 91. Product information

More information

Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure

Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure Introduction Tenable Network Security is the first and only solution to offer security visibility, Azure cloud environment auditing, system

More information

CLOUD SECURITY FOR ENDPOINTS POWERED BY GRAVITYZONE

CLOUD SECURITY FOR ENDPOINTS POWERED BY GRAVITYZONE CLOUD SECURITY FOR ENDPOINTS POWERED BY GRAVITYZONE Quick Start Guide for Partners Cloud Security for Endpoints powered by GravityZone Quick Start Guide for Partners Publication date 2013.10.28 Copyright

More information

Setting Up Scan to SMB on TaskALFA series MFP s.

Setting Up Scan to SMB on TaskALFA series MFP s. Setting Up Scan to SMB on TaskALFA series MFP s. There are three steps necessary to set up a new Scan to SMB function button on the TaskALFA series color MFP. 1. A folder must be created on the PC and

More information

AlienVault. Unified Security Management (USM) 5.1 Running the Getting Started Wizard

AlienVault. Unified Security Management (USM) 5.1 Running the Getting Started Wizard AlienVault Unified Security Management (USM) 5.1 Running the Getting Started Wizard USM v5.1 Running the Getting Started Wizard, rev. 2 Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault

More information

NMS300 Network Management System

NMS300 Network Management System NMS300 Network Management System User Manual June 2013 202-11289-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product. After installing your device, locate

More information

HDA Integration Guide. Help Desk Authority 9.0

HDA Integration Guide. Help Desk Authority 9.0 HDA Integration Guide Help Desk Authority 9.0 2011ScriptLogic Corporation ALL RIGHTS RESERVED. ScriptLogic, the ScriptLogic logo and Point,Click,Done! are trademarks and registered trademarks of ScriptLogic

More information

Administering Cisco ISE

Administering Cisco ISE CHAPTER 8 This chapter describes the administrative activities for the Cisco Identity Services Engine (ISE) and how to perform them. The following topics are covered: Logging In, page 8-1 System Time and

More information

IBM. Vulnerability scanning and best practices

IBM. Vulnerability scanning and best practices IBM Vulnerability scanning and best practices ii Vulnerability scanning and best practices Contents Vulnerability scanning strategy and best practices.............. 1 Scan types............... 2 Scan duration

More information

Managing Qualys Scanners

Managing Qualys Scanners Q1 Labs Help Build 7.0 Maintenance Release 3 documentation@q1labs.com Managing Qualys Scanners Managing Qualys Scanners A QualysGuard vulnerability scanner runs on a remote web server. QRadar must access

More information

WhatsUp Gold v16.2 MSP Edition Deployment Guide This guide provides information about installing and configuring WhatsUp Gold MSP Edition to central

WhatsUp Gold v16.2 MSP Edition Deployment Guide This guide provides information about installing and configuring WhatsUp Gold MSP Edition to central WhatsUp Gold v16.2 MSP Edition Deployment Guide This guide provides information about installing and configuring WhatsUp Gold MSP Edition to central and remote sites. Contents Table of Contents Using WhatsUp

More information

File Share Navigator Online 1

File Share Navigator Online 1 File Share Navigator Online 1 User Guide Service Pack 3 Issued November 2015 Table of Contents What s New in this Guide... 4 About File Share Navigator Online... 5 Components of File Share Navigator Online...

More information

F-Secure Messaging Security Gateway. Deployment Guide

F-Secure Messaging Security Gateway. Deployment Guide F-Secure Messaging Security Gateway Deployment Guide TOC F-Secure Messaging Security Gateway Contents Chapter 1: Deploying F-Secure Messaging Security Gateway...3 1.1 The typical product deployment model...4

More information

Release Notes for Websense Email Security v7.2

Release Notes for Websense Email Security v7.2 Release Notes for Websense Email Security v7.2 Websense Email Security version 7.2 is a feature release that includes support for Windows Server 2008 as well as support for Microsoft SQL Server 2008. Version

More information

Qualys PC/SCAP Auditor

Qualys PC/SCAP Auditor Qualys PC/SCAP Auditor Getting Started Guide August 3, 2015 COPYRIGHT 2011-2015 BY QUALYS, INC. ALL RIGHTS RESERVED. QUALYS AND THE QUALYS LOGO ARE REGISTERED TRADEMARKS OF QUALYS, INC. ALL OTHER TRADEMARKS

More information

Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010

Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010 Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010 This document describes the different types of Unisphere management stations and tells how to install

More information

MultiSite Manager. Setup Guide

MultiSite Manager. Setup Guide MultiSite Manager Setup Guide Contents 1. Introduction... 2 How MultiSite Manager works... 2 How MultiSite Manager is implemented... 2 2. MultiSite Manager requirements... 3 Operating System requirements...

More information

MadCap Software. Upgrading Guide. Pulse

MadCap Software. Upgrading Guide. Pulse MadCap Software Upgrading Guide Pulse Copyright 2014 MadCap Software. All rights reserved. Information in this document is subject to change without notice. The software described in this document is furnished

More information

Aspera Connect 2.4.7. Linux 32/64-bit. Document Version: 1

Aspera Connect 2.4.7. Linux 32/64-bit. Document Version: 1 Aspera Connect 2.4.7 Linux 32/64-bit Document Version: 1 2 Contents Contents Introduction... 3 Setting Up... 4 Upgrading from a Previous Version...4 Installation... 4 Set Up Network Environment... 5 Basic

More information

Installation Guide for Pulse on Windows Server 2008R2

Installation Guide for Pulse on Windows Server 2008R2 MadCap Software Installation Guide for Pulse on Windows Server 2008R2 Pulse Copyright 2014 MadCap Software. All rights reserved. Information in this document is subject to change without notice. The software

More information

Fax User Guide 07/31/2014 USER GUIDE

Fax User Guide 07/31/2014 USER GUIDE Fax User Guide 07/31/2014 USER GUIDE Contents: Access Fusion Fax Service 3 Search Tab 3 View Tab 5 To E-mail From View Page 5 Send Tab 7 Recipient Info Section 7 Attachments Section 7 Preview Fax Section

More information

Network Detective. Network Detective Inspector. 2015 RapidFire Tools, Inc. All rights reserved 20151013 Ver 3D

Network Detective. Network Detective Inspector. 2015 RapidFire Tools, Inc. All rights reserved 20151013 Ver 3D Network Detective 2015 RapidFire Tools, Inc. All rights reserved 20151013 Ver 3D Contents Overview... 3 Components of the Inspector... 3 Inspector Appliance... 3 Inspector Diagnostic Tool... 3 Network

More information

Data Center Connector 3.0.0 for OpenStack

Data Center Connector 3.0.0 for OpenStack Product Guide Data Center Connector 3.0.0 for OpenStack For use with epolicy Orchestrator 5.1.0 Software COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee,

More information

NETASQ SSO Agent Installation and deployment

NETASQ SSO Agent Installation and deployment NETASQ SSO Agent Installation and deployment Document version: 1.3 Reference: naentno_sso_agent Page 1 / 20 Copyright NETASQ 2013 General information 3 Principle 3 Requirements 3 Active Directory user

More information

Freshservice Discovery Probe User Guide

Freshservice Discovery Probe User Guide Freshservice Discovery Probe User Guide 1. What is Freshservice Discovery Probe? 1.1 What details does Probe fetch? 1.2 How does Probe fetch the information? 2. What are the minimum system requirements

More information

rating of 5 out 5 stars

rating of 5 out 5 stars SPM User Guide Contents Aegify comprehensive benefits... 2 Security Posture Assessment workflow... 3 Scanner Management... 3 Upload external scan output... 6 Reports - Views... 6 View Individual Security

More information

There are numerous ways to access monitors:

There are numerous ways to access monitors: Remote Monitors REMOTE MONITORS... 1 Overview... 1 Accessing Monitors... 1 Creating Monitors... 2 Monitor Wizard Options... 11 Editing the Monitor Configuration... 14 Status... 15 Location... 17 Alerting...

More information

USER GUIDE: MaaS360 Services

USER GUIDE: MaaS360 Services USER GUIDE: MaaS360 Services 05.2010 Copyright 2010 Fiberlink Corporation. All rights reserved. Information in this document is subject to change without notice. The software described in this document

More information

Velocity Web Services Client 1.0 Installation Guide and Release Notes

Velocity Web Services Client 1.0 Installation Guide and Release Notes Velocity Web Services Client 1.0 Installation Guide and Release Notes Copyright 2014-2015, Identiv. Last updated June 24, 2015. Overview This document provides the only information about version 1.0 of

More information

Quick Start Guide For Ipswitch Failover v9.0

Quick Start Guide For Ipswitch Failover v9.0 For Ipswitch Failover v9.0 Copyright 1991-2015 All rights reserved. This document, as well as the software described in it, is furnished under license and may be used or copied only in accordance with

More information

vrealize Air Compliance OVA Installation and Deployment Guide

vrealize Air Compliance OVA Installation and Deployment Guide vrealize Air Compliance OVA Installation and Deployment Guide 14 July 2015 vrealize Air Compliance This document supports the version of each product listed and supports all subsequent versions until the

More information

Installing and Configuring vcloud Connector

Installing and Configuring vcloud Connector Installing and Configuring vcloud Connector vcloud Connector 2.7.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new

More information

MultiSite Manager. Setup Guide

MultiSite Manager. Setup Guide MultiSite Manager Setup Guide Contents 1. Introduction... 2 How MultiSite Manager works... 2 How MultiSite Manager is implemented... 2 2. MultiSite Manager requirements... 3 Operating System requirements...

More information

PineApp Surf-SeCure Quick

PineApp Surf-SeCure Quick PineApp Surf-SeCure Quick Installation Guide September 2010 WEB BASED INSTALLATION SURF-SECURE AS PROXY 1. Once logged in, set the appliance s clock: a. Click on the Edit link under Time-Zone section.

More information

Configuration Information

Configuration Information This chapter describes some basic Email Security Gateway configuration settings, some of which can be set in the first-time Configuration Wizard. Other topics covered include Email Security interface navigation,

More information

Unified Security Management (USM) 5.2 Vulnerability Assessment Guide

Unified Security Management (USM) 5.2 Vulnerability Assessment Guide AlienVault Unified Security Management (USM) 5.2 Vulnerability Assessment Guide USM 5.2 Vulnerability Assessment Guide, rev 1 Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

K7 Business Lite User Manual

K7 Business Lite User Manual K7 Business Lite User Manual About the Admin Console The Admin Console is a centralized web-based management console. The web console is accessible through any modern web browser from any computer on the

More information

WhatsUp Gold v16.3 Installation and Configuration Guide

WhatsUp Gold v16.3 Installation and Configuration Guide WhatsUp Gold v16.3 Installation and Configuration Guide Contents Installing and Configuring WhatsUp Gold using WhatsUp Setup Installation Overview... 1 Overview... 1 Security considerations... 2 Standard

More information

Configuring PA Firewalls for a Layer 3 Deployment

Configuring PA Firewalls for a Layer 3 Deployment Configuring PA Firewalls for a Layer 3 Deployment Configuring PAN Firewalls for a Layer 3 Deployment Configuration Guide January 2009 Introduction The following document provides detailed step-by-step

More information

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER NEFSIS TRAINING SERIES Nefsis Dedicated Server version 5.1.0.XXX Requirements and Implementation Guide (Rev 4-10209) REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER Nefsis Training Series

More information

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream User Manual Onsight Management Suite Version 5.1 Another Innovation by Librestream Doc #: 400075-06 May 2012 Information in this document is subject to change without notice. Reproduction in any manner

More information

Virtual Private Cloud - Lab. Hands-On Lab: AWS Virtual Private Cloud (VPC)

Virtual Private Cloud - Lab. Hands-On Lab: AWS Virtual Private Cloud (VPC) Virtual Private Cloud - Lab Hands-On Lab: AWS Virtual Private Cloud (VPC) 1 Overview In this lab we will create and prepare a Virtual Private Cloud (VPC) so that we can launch multiple EC2 web servers

More information

Quick Install Guide. Lumension Endpoint Management and Security Suite 7.1

Quick Install Guide. Lumension Endpoint Management and Security Suite 7.1 Quick Install Guide Lumension Endpoint Management and Security Suite 7.1 Lumension Endpoint Management and Security Suite - 2 - Notices Version Information Lumension Endpoint Management and Security Suite

More information

CTERA Agent for Linux

CTERA Agent for Linux User Guide CTERA Agent for Linux September 2013 Version 4.0 Copyright 2009-2013 CTERA Networks Ltd. All rights reserved. No part of this document may be reproduced in any form or by any means without written

More information

Installation Guide for Pulse on Windows Server 2012

Installation Guide for Pulse on Windows Server 2012 MadCap Software Installation Guide for Pulse on Windows Server 2012 Pulse Copyright 2014 MadCap Software. All rights reserved. Information in this document is subject to change without notice. The software

More information

Configuration Information

Configuration Information Configuration Information Email Security Gateway Version 7.7 This chapter describes some basic Email Security Gateway configuration settings, some of which can be set in the first-time Configuration Wizard.

More information

Testing and Restoring the Nasuni Filer in a Disaster Recovery Scenario

Testing and Restoring the Nasuni Filer in a Disaster Recovery Scenario Testing and Restoring the Nasuni Filer in a Disaster Recovery Scenario Version 7.2 November 2015 Last modified: November 3, 2015 2015 Nasuni Corporation All Rights Reserved Document Information Testing

More information

Testing and Restoring the Nasuni Filer in a Disaster Recovery Scenario

Testing and Restoring the Nasuni Filer in a Disaster Recovery Scenario Testing and Restoring the Nasuni Filer in a Disaster Recovery Scenario Version 7.0 July 2015 2015 Nasuni Corporation All Rights Reserved Document Information Testing Disaster Recovery Version 7.0 July

More information

Astaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client

Astaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client Astaro Security Gateway V8 Remote Access via SSL Configuring ASG and Client 1. Introduction This guide contains complementary information on the Administration Guide and the Online Help. If you are not

More information

Configuring SonicWALL TSA on Citrix and Terminal Services Servers

Configuring SonicWALL TSA on Citrix and Terminal Services Servers Configuring on Citrix and Terminal Services Servers Document Scope This solutions document describes how to install, configure, and use the SonicWALL Terminal Services Agent (TSA) on a multi-user server,

More information

Windows Firewall Configuration with Group Policy for SyAM System Client Installation

Windows Firewall Configuration with Group Policy for SyAM System Client Installation with Group Policy for SyAM System Client Installation SyAM System Client can be deployed to systems on your network using SyAM Management Utilities. If Windows Firewall is enabled on target systems, it

More information

IBM Security QRadar SIEM Version 7.1.0 MR1. Vulnerability Assessment Configuration Guide

IBM Security QRadar SIEM Version 7.1.0 MR1. Vulnerability Assessment Configuration Guide IBM Security QRadar SIEM Version 7.1.0 MR1 Vulnerability Assessment Configuration Guide Note: Before using this information and the product that it supports, read the information in Notices and Trademarks

More information

Kaseya Server Instal ation User Guide June 6, 2008

Kaseya Server Instal ation User Guide June 6, 2008 Kaseya Server Installation User Guide June 6, 2008 About Kaseya Kaseya is a global provider of IT automation software for IT Solution Providers and Public and Private Sector IT organizations. Kaseya's

More information

Tunnels and Redirectors

Tunnels and Redirectors Tunnels and Redirectors TUNNELS AND REDIRECTORS...1 Overview... 1 Security Details... 2 Permissions... 2 Starting a Tunnel... 3 Starting a Redirector... 5 HTTP Connect... 8 HTTPS Connect... 10 LabVNC...

More information

SSL... 2 2.1. 3 2.2. 2.2.1. 2.2.2. SSL VPN

SSL... 2 2.1. 3 2.2. 2.2.1. 2.2.2. SSL VPN 1. Introduction... 2 2. Remote Access via SSL... 2 2.1. Configuration of the Astaro Security Gateway... 3 2.2. Configuration of the Remote Client...10 2.2.1. Astaro User Portal: Getting Software and Certificates...10

More information

Novell ZENworks Asset Management 7.5

Novell ZENworks Asset Management 7.5 Novell ZENworks Asset Management 7.5 w w w. n o v e l l. c o m October 2006 USING THE WEB CONSOLE Table Of Contents Getting Started with ZENworks Asset Management Web Console... 1 How to Get Started...

More information

Administration Quick Start

Administration Quick Start www.novell.com/documentation Administration Quick Start ZENworks 11 Support Pack 3 February 2014 Legal Notices Novell, Inc., makes no representations or warranties with respect to the contents or use of

More information

Desktop Surveillance Help

Desktop Surveillance Help Desktop Surveillance Help Table of Contents About... 9 What s New... 10 System Requirements... 11 Updating from Desktop Surveillance 2.6 to Desktop Surveillance 3.2... 13 Program Structure... 14 Getting

More information

Audit Management Reference

Audit Management Reference www.novell.com/documentation Audit Management Reference ZENworks 11 Support Pack 3 February 2014 Legal Notices Novell, Inc., makes no representations or warranties with respect to the contents or use of

More information

Device LinkUP + Desktop LP Guide RDP

Device LinkUP + Desktop LP Guide RDP Device LinkUP + Desktop LP Guide RDP Version 2.1 January 2016 Copyright 2015 iwebgate. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval

More information

EMC Smarts Network Configuration Manager

EMC Smarts Network Configuration Manager EMC Smarts Network Configuration Manager Version 9.4.1 Advisors User Guide P/N 302-002-279 REV 01 Copyright 2013-2015 EMC Corporation. All rights reserved. Published in the USA. Published October, 2015

More information

Docufide Client Installation Guide for Windows

Docufide Client Installation Guide for Windows Docufide Client Installation Guide for Windows This document describes the installation and operation of the Docufide Client application at the sending school installation site. The intended audience is

More information

Sophos UTM Web Application Firewall for Microsoft Exchange connectivity

Sophos UTM Web Application Firewall for Microsoft Exchange connectivity How to configure Sophos UTM Web Application Firewall for Microsoft Exchange connectivity This article explains how to configure your Sophos UTM 9.2 to allow access to the relevant Microsoft Exchange services

More information

NovaBACKUP xsp Version 15.0 Upgrade Guide

NovaBACKUP xsp Version 15.0 Upgrade Guide NovaBACKUP xsp Version 15.0 Upgrade Guide NovaStor / November 2013 2013 NovaStor, all rights reserved. All trademarks are the property of their respective owners. Features and specifications are subject

More information

Virtual Data Centre. User Guide

Virtual Data Centre. User Guide Virtual Data Centre User Guide 2 P age Table of Contents Getting Started with vcloud Director... 8 1. Understanding vcloud Director... 8 2. Log In to the Web Console... 9 3. Using vcloud Director... 10

More information

Comodo Endpoint Security Manager SME Software Version 2.1

Comodo Endpoint Security Manager SME Software Version 2.1 Comodo Endpoint Security Manager SME Software Version 2.1 Quick Start Guide Guide Version 2.1.111114 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Endpoint Security Manager - SME Quick

More information

Net Inspector 2015 GETTING STARTED GUIDE. MG-SOFT Corporation. Document published on October 16, 2015. (Document Version: 10.6)

Net Inspector 2015 GETTING STARTED GUIDE. MG-SOFT Corporation. Document published on October 16, 2015. (Document Version: 10.6) MG-SOFT Corporation Net Inspector 2015 GETTING STARTED GUIDE (Document Version: 10.6) Document published on October 16, 2015 Copyright 1995-2015 MG-SOFT Corporation Introduction In order to improve the

More information

escan SBS 2008 Installation Guide

escan SBS 2008 Installation Guide escan SBS 2008 Installation Guide Following things are required before starting the installation 1. On SBS 2008 server make sure you deinstall One Care before proceeding with installation of escan. 2.

More information

Remote Drive PC Client software User Guide

Remote Drive PC Client software User Guide Remote Drive PC Client software User Guide -Page 1 of 27- PRIVACY, SECURITY AND PROPRIETARY RIGHTS NOTICE: The Remote Drive PC Client software is third party software that you can use to upload your files

More information

Virtual Appliance Setup Guide

Virtual Appliance Setup Guide The Barracuda SSL VPN Vx Virtual Appliance includes the same powerful technology and simple Web based user interface found on the Barracuda SSL VPN hardware appliance. It is designed for easy deployment

More information

WhatsUp Gold v16.1 Installation and Configuration Guide

WhatsUp Gold v16.1 Installation and Configuration Guide WhatsUp Gold v16.1 Installation and Configuration Guide Contents Installing and Configuring Ipswitch WhatsUp Gold v16.1 using WhatsUp Setup Installing WhatsUp Gold using WhatsUp Setup... 1 Security guidelines

More information

Enterprise Self Service Quick start Guide

Enterprise Self Service Quick start Guide Enterprise Self Service Quick start Guide Software version 4.0.0.0 December 2013 General Information: info@cionsystems.com Online Support: support@cionsystems.com 1 2013 CionSystems Inc. ALL RIGHTS RESERVED.

More information

AVG Business SSO Partner Getting Started Guide

AVG Business SSO Partner Getting Started Guide AVG Business SSO Partner Getting Started Guide Table of Contents Overview... 2 Getting Started... 3 Web and OS requirements... 3 Supported web and device browsers... 3 Initial Login... 4 Navigation in

More information

ControlPoint. Advanced Installation Guide. Publication Date: January 12, 2016. Metalogix International GmbH., 2008-2016 All Rights Reserved.

ControlPoint. Advanced Installation Guide. Publication Date: January 12, 2016. Metalogix International GmbH., 2008-2016 All Rights Reserved. ControlPoint Publication Date: January 12, 2016 All Rights Reserved. This software is protected by copyright law and international treaties. Unauthorized reproduction or distribution of this software,

More information

The SSL device also supports the 64-bit Internet Explorer with new ActiveX loaders for Assessment, Abolishment, and the Access Client.

The SSL device also supports the 64-bit Internet Explorer with new ActiveX loaders for Assessment, Abolishment, and the Access Client. WatchGuard SSL v3.2 Release Notes Supported Devices SSL 100 and 560 WatchGuard SSL OS Build 355419 Revision Date January 28, 2013 Introduction WatchGuard is pleased to announce the release of WatchGuard

More information

Security and Compliance Suite Evaluator s Guide. August 11, 2015

Security and Compliance Suite Evaluator s Guide. August 11, 2015 Security and Compliance Suite Evaluator s Guide August 11, 2015 Copyright 2011-2015 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks

More information

Biznet GIO Cloud Connecting VM via Windows Remote Desktop

Biznet GIO Cloud Connecting VM via Windows Remote Desktop Biznet GIO Cloud Connecting VM via Windows Remote Desktop Introduction Connecting to your newly created Windows Virtual Machine (VM) via the Windows Remote Desktop client is easy but you will need to make

More information

Getting Started. Version 9.1

Getting Started. Version 9.1 Getting Started Version 9.1 Contents About this Guide 4 Other Resources 4 Product Documentation 4 Online Training Program 4 Daily Online Q & A sessions 4 Prepare Your Customer's Network 5 Create a Probe

More information

QUANTIFY INSTALLATION GUIDE

QUANTIFY INSTALLATION GUIDE QUANTIFY INSTALLATION GUIDE Thank you for putting your trust in Avontus! This guide reviews the process of installing Quantify software. For Quantify system requirement information, please refer to the

More information

Salesforce Integration

Salesforce Integration Salesforce Integration 2015 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property of their respective

More information

D-Link Central WiFiManager Configuration Guide

D-Link Central WiFiManager Configuration Guide Table of Contents D-Link Central WiFiManager Configuration Guide Introduction... 3 System Requirements... 3 Access Point Requirement... 3 Latest CWM Modules... 3 Scenario 1 - Basic Setup... 4 1.1. Install

More information

QualysGuard WAS. Getting Started Guide Version 4.1. April 24, 2015

QualysGuard WAS. Getting Started Guide Version 4.1. April 24, 2015 QualysGuard WAS Getting Started Guide Version 4.1 April 24, 2015 Copyright 2011-2015 by Qualys, Inc. All Rights Reserved. Qualys, the Qualys logo and QualysGuard are registered trademarks of Qualys, Inc.

More information

NSi Mobile Installation Guide. Version 6.2

NSi Mobile Installation Guide. Version 6.2 NSi Mobile Installation Guide Version 6.2 Revision History Version Date 1.0 October 2, 2012 2.0 September 18, 2013 2 CONTENTS TABLE OF CONTENTS PREFACE... 5 Purpose of this Document... 5 Version Compatibility...

More information

Virtual Appliance Setup Guide

Virtual Appliance Setup Guide The Virtual Appliance includes the same powerful technology and simple Web based user interface found on the Barracuda Web Application Firewall hardware appliance. It is designed for easy deployment on

More information

Preparing for GO!Enterprise MDM On-Demand Service

Preparing for GO!Enterprise MDM On-Demand Service Preparing for GO!Enterprise MDM On-Demand Service This guide provides information on...... An overview of GO!Enterprise MDM... Preparing your environment for GO!Enterprise MDM On-Demand... Firewall rules

More information

PHD Virtual Backup for Hyper-V

PHD Virtual Backup for Hyper-V PHD Virtual Backup for Hyper-V version 7.0 Installation & Getting Started Guide Document Release Date: December 18, 2013 www.phdvirtual.com PHDVB v7 for Hyper-V Legal Notices PHD Virtual Backup for Hyper-V

More information

Charter Business Desktop Security Administrator's Guide

Charter Business Desktop Security Administrator's Guide Charter Business Desktop Security Administrator's Guide Table of Contents Chapter 1: Introduction... 4 Chapter 2: Getting Started... 5 Creating a new user... 6 Recovering and changing your password...

More information

Sophos UTM. Remote Access via PPTP Configuring Remote Client

Sophos UTM. Remote Access via PPTP Configuring Remote Client Sophos UTM Remote Access via PPTP Configuring Remote Client Product version: 9.300 Document date: Tuesday, October 14, 2014 The specifications and information in this document are subject to change without

More information