Assessing devices that allow risky protocols

Use Policy Monitor to assess devices that allow risky protocols.

About this task

IBM® QRadar® Risk Manager evaluates a question and displays the results of any assets, in your topology, that match the test question. Security professionals, administrators, or auditors in your network can approve communications that are not risky to specific assets. They can also create offenses for the behavior.

Procedure

  1. Click the Risks tab.
  2. On the navigation menu, click Policy Monitor.
  3. From the Group list box, select PCI 1.
  4. Select the test question Assess any devices (i.e. firewalls) that allow risky protocols (i.e. telnet and FTP traffic - port 21 & 23 respectively) from the internet to the DMZ.
  5. Click Submit Question.