Adding a netVigilance SecureScout scan

Administrators can add a SecureScout scanner to query for vulnerability data with JDBC.

Before you begin

To query for vulnerability data, QRadar® you must have appropriate administrative access to poll the SecureScout scanner with JDBC. Administrators must also ensure that firewalls, including the firewall on the SecureScout host permits a connection from the managed host responsible for the scan to the SecureScout scanner.

Procedure

  1. Click the Admin tab.
  2. Click the VA Scanners icon.
  3. Click Add.
  4. In the Scanner Name field, type a name to identify your SecureScout server.
  5. From the Managed Host list, select an option that is based on one of the following platforms:
    • On the QRadar Console, select the managed host that is responsible for communicating with the scanner device.
    • On QRadar on Cloud, if the scanner is hosted in the cloud, the QRadar Console can be used as the managed host. Otherwise, select the data gateway that is responsible for communicating with the scanner device.
  6. From the Type list, select SecureScout Scanner.
  7. In the Database Hostname field, type the IP address or hostname of the SecureScout database server that contains the SQL server.
  8. In the Login Name field, type the username required to access the SQL database of the SecureScout scanner.
  9. Optional. In the Login Password field, type the password required to access the SQL database of the SecureScout scanner.
  10. In the Database Name field, type SCE.
  11. In the Database Port field, type the TCP port you want the SQL server to monitor for connections. The default value is 1433.
  12. To configure a CIDR range for your scanner:
    1. In the text field, type the CIDR range you want this scanner to consider or click Browse to select a CIDR range from the network list.
    2. Click Add.
  13. Click Save.
  14. On the Admin tab, click Deploy Changes.

What to do next

You are now ready to create a scan schedule. See Scheduling a vulnerability scan.