Vulnerability Database Configuration
What is Vulnerability Database ?
The vulnerability database is a baseline against which the enterprise network
vulnerabilities, are determined. This database is collated by acquiring information from
security bulletins/errata from many of the Internet's largest and most comprehensive databases
for security exposures and vulnerabilities. This information is further thoroughly analyzed and filled-up with relevant information for vulnerability assessment.
The vulnerability database is finally published in the Central
Repository Server (CRS), from where it is updated to the enterprise site on request from the
Security Manager Plus web interface.
The database is periodically updated with latest information and placed in the CRS. Therefore, it is best advised to update the database periodically in order to be in sync with the latest
vulnerability and patch related information.
What does the Vulnerability Database comprise of ?
The vulnerability database contains detailed information about
publicly known security vulnerabilities and exposures , which are
grouped under 'Vulnerability Knowledge Base' and provides :
-
risk based vulnerability prioritization.
-
service based vulnerability classification.
-
remediation solution URLs.
-
common vulnerability exposure (CVE) IDs.
CVE
(Common Vulnerabilities and Exposures) is a list of common names for
publicly known vulnerabilities and exposures. The CVE Editorial board
determines which vulnerabilities or exposures are included in CVE, through
open and collaborative discussions. If the CVE name starts with CAN
(candidate), then it is under consideration for entry into CVE.
The Vulnerability Database also contain Windows Patch
related information, which are grouped separately under 'Patches
Knowledge Base'
and provides :
When should it be updated ?
-
The vulnerability database has to be updated as the first
step, after starting the Security Manager Plus server and logging in to the
web interface - using the update icon in the Home page
--> Security snapshot tab --> Latest Vulnerabilities section.
-
Subsequent update intervals can also be
scheduled, from Admin tab » Configure » Vulnerability Database Updates.
Also, when the CRS at AdventNet site has been updated , your
Security Manager Plus Home page will indicate
Vulnerability Updates Available.
Updating the database immediately
From the web interface of Security Manager Plus, Home
page --> Security snapshot tab --> Latest Vulnerabilities
section, choose the update icon to update the database. Your Security Manager Plus Home page will indicate
Vulnerability Database is Up-to-date once the update is complete.
Alternatively, visit Admin tab »
Configure » Vulnerability Database Updates. Click on the
'Update Now' button to trigger immediate update of Security Manager
Plus vulnerability database.
Visit the Admin tab » Configure » Vulnerability
Database Updates for automatic scheduling
for vulnerability updates.
Viewing Vulnerability Database
You can view the Vulnerability Database either from Admin
tab » Actions » Vulnerability Knowledge Base .
Searching based on CVE ID
The Vulnerability Database can be searched
based on CVE ID. In order to perform a CVE ID based search,
perform the following steps :
- Visit the Admin tab
- Click on the Vulnerability Knowledge Base link from here
- From the CVE ID column in the Vulnerability Knowledge base table,
click on the
icon to invoke the Search field
- Specify the CVE ID you would like to view the information for, in the text
field provided and hit 'Enter' key
- The search results will display the vulnerability that is mapped to this
CVE ID and the corresponding risk information and description
- By clicking on the Short Description link, you can view the details of
this vulnerability and also find a link to the CVE article for the
vulnerability
Viewing Patch Database
You can view the Patch Database either from Admin tab »
Configure » Patches Knowledge Base
Copyright © 2007, AdventNet Inc. All Rights Reserved.