Adding or editing an asset profile
Asset profiles are automatically discovered and added; however, you might be required to manually add a profile
About this task
When assets are discovered using the Server Discovery option, some asset profile details are automatically populated. You can manually add information to the asset profile and you can edit certain parameters.
You can only edit the parameters that were manually entered. Parameters that were system generated are displayed in italics and are not editable. You can delete system generated parameters, if required.
Procedure
- Click the Assets tab.
- On the navigation menu, click Asset Profiles.
-
Choose one of the following options:
- To add an asset, click Add Asset and type the IP address or CIDR range of the asset in the New IP Address field.
- To edit an asset, double-click the asset that you want to view and click Edit Asset .
-
Configure the parameters in the MAC & IP Address pane.
Configure one or more of the following options:
- Click the New MAC Address icon and type a MAC Address in the dialog box.
- Click the New IP Address icon and type an IP address in the dialog box.
- If Unknown NIC is listed, you can select this item, click the Edit icon, and type a new MAC address in the dialog box.
- Select a MAC or IP address from the list, click the Edit icon, and type a new MAC address in the dialog box.
- Select a MAC or IP address from the list and click the Remove icon.
-
Configure the parameters in the Names & Description
pane. Configure one or more of the following options:
Parameter Description DNS Choose one of the following options:
- Type a DNS name and click Add.
- Select a DNS name from the list and click Edit.
- Select a DNS name from the list and click Remove.
NetBIOS Choose one of the following options:
- Type a NetBIOS name and click Add.
- Select a NetBIOS name from the list and click Edit.
- Select a NetBIOS name from the list and click Remove.
Given Name Type a name for this asset profile. Location Type a location for this asset profile. Description Type a description for the asset profile. Wireless AP Type the wireless Access Point (AP) for this asset profile. Wireless SSID Type the wireless Service Set Identifier (SSID) for this asset profile. Switch ID Type the switch ID for this asset profile. Switch Port ID Type the switch port ID for this asset profile. -
Configure the parameters in the Operating System pane:
- From the Vendor list box, select an operating system vendor.
- From the Product list box, select the operating system for the asset profile.
- From the Version list box, select the version for the selected operating system.
- Click the Add icon.
-
From the Override list box, select
one of the following options:
- Until Next Scan - Select this option to specify that the scanner provides operating system information and the information can be temporarily edited. If you edit the operating system parameters, the scanner restores the information at its next scan.
- Forever - Select this option to specify that you want to manually enter operating system information and disable the scanner from updating the information.
- Select an operating system from the list.
- Select an operating system and click the Toggle Override icon.
-
Configure the parameters in the CVSS & Weight pane.
Configure one or more of the following options:
Parameter Description Collateral Damage Potential Configure this parameter to indicate the potential for loss of life or physical assets through damage or theft of this asset. You can also use this parameter to indicate potential for economic loss of productivity or revenue. Increased collateral damage potential increases the calculated value in the CVSS Score parameter.
From the Collateral Damage Potential list box, select one of the following options:
- None
- Low
- Low-medium
- Medium-high
- High
- Not defined
When you configure the Collateral Damage Potential parameter, the Weight parameter is automatically updated.
Confidentiality Requirement Configure this parameter to indicate the impact on confidentiality of a successfully exploited vulnerability on this asset. Increased confidentiality impact increases the calculated value in the CVSS Score parameter.
From the Confidentiality Requirement list box, select one of the following options:
- Low
- Medium
- High
- Not defined
Availability Requirement Configure this parameter to indicate the impact to the asset's availability when a vulnerability is successfully exploited. Attacks that consume network bandwidth, processor cycles, or disk space impact the availability of an asset. Increased availability impact increases the calculated value in the CVSS Score parameter.
From the Availability Requirement list box, select one of the following options:
- Low
- Medium
- High
- Not defined
Integrity Requirement Configure this parameter to indicate the impact to the asset's integrity when a vulnerability is successfully exploited. Integrity refers to the trustworthiness and guaranteed veracity of information. Increased integrity impact increases the calculated value in the CVSS Score parameter.
From the Integrity Requirement list box, select one of the following options:
- Low
- Medium
- High
- Not defined
Weight From the Weight list box, select a weight for this asset profile. The range is 0 - 10.
When you configure the Weight parameter, the Collateral Damage Potential parameter is automatically updated.
-
Configure the parameters in the Owner pane. Choose one
or more of the following options:
Parameter Description Business Owner Type the name of the business owner of the asset. An example of a business owner is a department manager. The maximum length is 255 characters. Business Owner Contact Type the contact information for the business owner. The maximum length is 255 characters. Technical Owner Type the technical owner of the asset. An example of a business owner is the IT manager or director. The maximum length is 255 characters. Technical Owner Contact Type the contact information for the technical owner. The maximum length is 255 characters. Technical User From the list box, select the username that you want to associate with this asset profile.
You can also use this parameter to enable automatic vulnerability remediation for IBM® Security QRadar® Vulnerability Manager. For more information about automatic remediation, see the IBM QRadar Vulnerability Manager User Guide.
- Click Save.