Automating Vulnerability Management Information Updates - PAS Integrity Software Suite - 7.3 - Administration & Configuration - Intergraph

Integrity Administration Guide

Language
English
Product
PAS Integrity Software Suite
Subproduct
Cyber
Search by Category
Administration & Configuration
PAS Version
7.3

Cyber Integrity provides a configuration utility to help you specify the credentials and locations for downloading the latest vulnerability management and patch management information from the PAS by Hexagon SFTP site and then moving the files to a location where it can be imported by the Cyber Integrity server. Cyber Integrity also provides download and import utilities that you can schedule as needed to get the latest vulnerability management and patch management information. This section addresses how to use these utilities for the vulnerability management information. For more information about patch management, see Automating Patch Management Information Updates.

These utilities are provided on the Integrity server. However, due to network configuration, that server may not be able to access the location where PAS by Hexagon publishes vulnerability and patch management information. In this case, you can run the configuration and download utilities on another computer that has the access needed to download the vulnerability and patch management information. Then, the utilities can transfer the downloaded files to the Integrity server where needed.

To automate the download and import of vulnerability management information:

  1. Run the FTPLoadConfigTool.exe configuration utility to specify the credentials and locations for downloading the latest Vulnerability Management asset model. For more information, see Setting Vulnerability Management Credentials and Locations.

  2. Use Windows Task Scheduler to schedule the FTPDownload.exe utility to run each day and download the latest Vulnerability Management asset model. The FTPDownload.exe utility can also perform a second transfer/move to put the updated asset model where the Cyber Integrity server can import and use it. For more information, see Scheduling Vulnerability Management Download and Transfer.

  3. Use Windows Task Scheduler on the Integrity server to schedule the RunDefinition.exe utility to run each day and import the latest Vulnerability Management asset model. This import should be scheduled for at least two hours after the download of the latest Vulnerability Management asset model. For more information, see Scheduling Vulnerability Management Import.