Server discovery
The Server Discovery function uses the Asset Profile database to discover different server types that are based on port definitions. Then, you can select the servers to add to a server-type building block for rules.
The Server Discovery function is based on server-type building blocks. Ports are used to define the server type. Thus, the server-type building block works as a port-based filter when you search the Asset Profile database.
For more information about building blocks, see the IBM QRadar User Guide.
Use the Server Discovery function with IBM
QRadar Vulnerability Manager to create
exception rules for benign vulnerabilities. Reduce the number of vulnerabilities that you see for
the following Server Types:
| Server Type | Vulnerability |
|---|---|
| FTP Servers | FTP Server Present |
| DNS Servers | DNS Server is Running |
| Mail Servers | SMTP Server Detected |
| Web Servers | Web Service is Running |
For more information about false positive vulnerabilities, see the IBM QRadar Vulnerability Manager User Guide.