McAfee Vulnerability Manager (Formerly Foundstone Vulnerability Scanner)
- What is Discovered and Monitored
- Event Types
- Rules
- Reports
- Configuration
- Settings for Access Credentials
What is Discovered and Monitored
Protocol |
Metrics collected |
Used for |
---|---|---|
JDBC (SQL Server) |
Scan name, Scanned Host Name, Host OS, Vulnerability category, Vulnerability name, Vulnerability severity, Vulerability CVE Id, Vulnerability Score, Vulnerability Consequence |
Security Monitoring |
Event Types
In ADMIN > Device Support > Event Types, search for "mcafee-vul" to see the event types associated with this device.
Rules
There are no predefined rules for this device.
Reports
There are no predefined rules for this device.
Configuration
JDBC
FortiSIEM connects to the faultline
database in the McAfee vulnerability scanner to collect metrics. This is a SQL Server database, so you must have set up access credentials for the database over JDBC to set up access credentials in FortiSIEM and initiate discovery.
Settings for Access Credentials
Settings for McAfee Foundstone Vulnerability Scanner JDBC Access Credentials
Set these Access Method Definition values to allow FortiSIEM to communicate with your device.
Setting | Value |
---|---|
Name | mcafee_jdbc |
Device Type | Microsoft SQL Server |
Access Protocol | JDBC |
Used for | McAfee VulnMgr |
Pull Interval (minutes) | 5 |
Port | 1433 |
Database name | faultline |
User Name | A user with access to the faultline database over JDBC |
Password | The password associated with the user |