Administrators can add a SecureScout scanner to query for
vulnerability data with JDBC.
Before you begin
To query for vulnerability data, QRadar you
must have appropriate administrative access to poll the SecureScout
scanner with JDBC. Administrators must also ensure that firewalls,
including the firewall on the SecureScout host permits a connection
from the managed host responsible for the scan to the SecureScout
scanner.
Procedure
- Click the Admin tab.
- Click the VA Scanners icon.
- Click Add.
- In the Scanner Name field, type
a name to identify your SecureScout server.
-
From the Managed Host list, select an option that is based on one of the
following platforms:
- On the QRadar
Console, select the
managed host that is responsible for communicating with the scanner device.
- On QRadar on Cloud, if the scanner is
hosted in the cloud, the QRadar® Console can be
used as the managed host. Otherwise, select the data gateway that is responsible for communicating
with the scanner device.
- From the Type list, select SecureScout
Scanner.
- In the Database Hostname field,
type the IP address or hostname of the SecureScout database server
that contains the SQL server.
- In the Login Name field, type the
username required to access the SQL database of the SecureScout scanner.
- Optional. In the Login Password field,
type the password required to access the SQL database of the SecureScout
scanner.
- In the Database Name field, type SCE.
- In the Database Port field, type
the TCP port you want the SQL server to monitor for connections. The
default value is 1433.
- To configure a CIDR range for your scanner:
- In the text field, type the CIDR range you want this
scanner to consider or click Browse to select
a CIDR range from the network list.
- Click Add.
- Click Save.
- On the Admin tab, click Deploy
Changes.
What to do next
You are now ready to create a scan schedule. See Scheduling a vulnerability scan.