Fortinet black logo

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

External Systems Configuration Guide

McAfee Foundstone Vulnerability Scanner

What is Discovered and Monitored

Protocol

Metrics collected

Used for

JDBC (SQL Server)

Scan name, Scanned Host Name, Host OS, Vulnerability category, Vulnerability name, Vulnerability severity, Vulerability CVE Id, Vulnerability Score, Vulnerability Consequence

Security Monitoring

Event Types

In ADMIN > Device Support > Event Types, search for "mcafee-vul" to see the event types associated with this device. 

Rules

There are no predefined rules for this device. 

Reports

There are no predefined rules for this device. 

Configuration

JDBC

FortiSIEM connects to the faultline database in the McAfee vulnerability scanner to collect metrics. This is a SQL Server database, so you must have set up access credentials for the database over JDBC to set up access credentials in FortiSIEM and initiate discovery. 

Settings for Access Credentials

Settings for McAfee Foundstone Vulnerability Scanner JDBC Access Credentials

Set these Access Method Definition values to allow FortiSIEM to communicate with your device.

SettingValue
Namemcafee_jdbc
Device TypeMicrosoft SQL Server
Access ProtocolJDBC
Used forMcAfee VulnMgr
Pull Interval (minutes)5
Port1433
Database namefaultline
User NameA user with access to the faultline database over JDBC
PasswordThe password associated with the user

McAfee Foundstone Vulnerability Scanner

What is Discovered and Monitored

Protocol

Metrics collected

Used for

JDBC (SQL Server)

Scan name, Scanned Host Name, Host OS, Vulnerability category, Vulnerability name, Vulnerability severity, Vulerability CVE Id, Vulnerability Score, Vulnerability Consequence

Security Monitoring

Event Types

In ADMIN > Device Support > Event Types, search for "mcafee-vul" to see the event types associated with this device. 

Rules

There are no predefined rules for this device. 

Reports

There are no predefined rules for this device. 

Configuration

JDBC

FortiSIEM connects to the faultline database in the McAfee vulnerability scanner to collect metrics. This is a SQL Server database, so you must have set up access credentials for the database over JDBC to set up access credentials in FortiSIEM and initiate discovery. 

Settings for Access Credentials

Settings for McAfee Foundstone Vulnerability Scanner JDBC Access Credentials

Set these Access Method Definition values to allow FortiSIEM to communicate with your device.

SettingValue
Namemcafee_jdbc
Device TypeMicrosoft SQL Server
Access ProtocolJDBC
Used forMcAfee VulnMgr
Pull Interval (minutes)5
Port1433
Database namefaultline
User NameA user with access to the faultline database over JDBC
PasswordThe password associated with the user