In IBM®
QRadar® Vulnerability Manager,
you can configure a scan of the Windows operating
systems that are installed on your network. You can manually specify
the credentials in the scan profile or use a credential set.
If
scanning is performed without administrative privileges, then QRadar Vulnerability Manager scans
the remote registry for each installation on the Windows operating system.
Scanning
without administrative privileges is incomplete, prone to false positives,
and does not cover many third-party applications.
Before you begin
QRadar Vulnerability Manager uses
standard Windows operating
system remote access protocols that are enabled by default in most
windows deployments.
Procedure
-
Click the Vulnerabilities tab.
-
In the navigation pane, select .
-
On the toolbar, click Add.
When you create a scan profile, the only mandatory fields
are Name and IP Addresses on
the Details tab of the Scan Profile
Configuration page. To configure an authenticated scan
of the Windows operating
system, you must also follow the remaining steps in this procedure.
- Optional:
Click Use Centralized
Credentials to scan your Windows operating
systems.
You must configure a credential set or manually specify credentials for hosts before scan tools
that require credentials can run.
If QVM cannot find a centralized credential set for the hosts that you are scanning,
it uses existing credentials that you manually specify in the Additional
Credentials tab.
-
Click the When To Scan pane.
-
In the Run Schedule list, select Manual.
If you want the scan to run at a later time, choose from one of the available Run
Schedule options.
-
Click the Additional Credentials area.
-
In the Windows Patch Scanning area,
type the Domain, Username,
and Password for the Windows hosts that you want to scan and click
(>).
The domain name that you type is your Windows domain, not an internet domain.
-
Click Save.
-
In the Scan Profiles page, click Run.