Viewing the Scanning Services

To view the scanning services:

  1. Sign in to the HPCA Console.
  2. Click the Management tab.
  3. In the left pane, click Services. The list of available CSDB domains opens.
  4. In the left pane, click Security.
  5. In the Catalog pane, click one of the Security services. For example:

The CSDB initially contains an instance of PRIMARY.SECURITY.ZSERVICE called <Discover Vulnerabilities (Limited Edition)> for vulnerability scanning and another instance called <Discover FDCC 1.0 Compliance> for compliance scanning. As other benchmarks are added to the HP Live Network content, new instances will become available. After you perform your first HP Live Network update, the <Discover Security Tools> service is added.

The CSDB also contains an instance of PRIMARY.SECURITY.TIMER called Daily Vulnerability Scan, which determines when the vulnerability scanner is executed on target systems. Although they are separate instances, the <Discover Vulnerabilities> service has a connection to the Daily Vulnerability Scan timer.

Note: There is no built-in timer for compliance or security tools scanning. You must set up a DTM job to schedule regular compliance and security tools scans on your target devices. For more information, see Create an HPCA Job to Schedule or Trigger a Scan. Alternatively, you can set up your own compliance scanning timer in the CSDB.

The following example is a snapshot of the Admin CSDB Editor showing a subset of the parameters for the Daily Vulnerability Scan service:

The timer does not directly invoke the scanner. When the timer expires, radskman performs a connect operation to the SECURITY Domain. This causes one of the following methods to be executed: ZCREATE, ZVERIFY, ZUPDATE, or ZREPAIR. When any of these methods is executed, the scanner is launched on the target system.

By default, the timer is configured to run daily at a randomly selected time between 08:30 and 16:30 local (system) time.

Note: You must explicitly entitle your target devices to the scanning services before you can use them. For more information, see Schedule or Trigger a Scan.


© 2003 - 2012 Hewlett-Packard Development Company, L.P.