Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

External Systems Configuration Guide

McAfee Foundstone Vulnerability Scanner

What is Discovered and Monitored

Protocol

Metrics collected

Used for

JDBC (SQL Server)

Scan name, Scanned Host Name, Host OS, Vulnerability category, Vulnerability name, Vulnerability severity, Vulerability CVE Id, Vulnerability Score, Vulnerability Consequence

Security Monitoring

Event Types

In ADMIN > Device Support > Event, search for "foundstone" in the Description column to see the event types associated with this device. 

Rules

There are no predefined rules for this device. 

Reports

There are no predefined rules for this device. 

Configuration

JDBC

FortiSIEM connects to the faultline database in the McAfee vulnerability scanner to collect metrics. This is a SQL Server database, so you must have set up access credentials for the database over JDBC to set up access credentials in FortiSIEM and initiate discovery. 

Settings for Access Credentials

Settings for McAfee Foundstone Vulnerability Scanner JDBC Access Credentials

Set these Access Method Definition values to allow FortiSIEM to communicate with your device.

Setting Value
Name mcafee_jdbc
Device Type Microsoft SQL Server
Access Protocol JDBC
Used for McAfee VulnMgr
Pull Interval (minutes) 5
Port 1433
Database name faultline
User Name A user with access to the faultline database over JDBC
Password The password associated with the user

McAfee Foundstone Vulnerability Scanner

What is Discovered and Monitored

Protocol

Metrics collected

Used for

JDBC (SQL Server)

Scan name, Scanned Host Name, Host OS, Vulnerability category, Vulnerability name, Vulnerability severity, Vulerability CVE Id, Vulnerability Score, Vulnerability Consequence

Security Monitoring

Event Types

In ADMIN > Device Support > Event, search for "foundstone" in the Description column to see the event types associated with this device. 

Rules

There are no predefined rules for this device. 

Reports

There are no predefined rules for this device. 

Configuration

JDBC

FortiSIEM connects to the faultline database in the McAfee vulnerability scanner to collect metrics. This is a SQL Server database, so you must have set up access credentials for the database over JDBC to set up access credentials in FortiSIEM and initiate discovery. 

Settings for Access Credentials

Settings for McAfee Foundstone Vulnerability Scanner JDBC Access Credentials

Set these Access Method Definition values to allow FortiSIEM to communicate with your device.

Setting Value
Name mcafee_jdbc
Device Type Microsoft SQL Server
Access Protocol JDBC
Used for McAfee VulnMgr
Pull Interval (minutes) 5
Port 1433
Database name faultline
User Name A user with access to the faultline database over JDBC
Password The password associated with the user