IBM Proventia Network Enterprise User Manual - page 186
Chapter 13: Tracking and Remediation
186
IBM Internet Security Systems
Overview of the Remediation Process
Introduction
You can use Enterprise Scanner to collect the following information about your enterprise:
●
What assets are on the enterprise networks?
●
What services are running on these assets?
●
What applications are running on these assets?
●
What vulnerabilities exist on these assets?
After Enterprise Scanner has collected this information, you can determine which
conditions require attention and create work tickets from the SiteProtector Console.
Process overview
The following table outlines a remediation process using SiteProtector:
Scanning
suggestions
If you are relying on regular background scans to verify and close tickets, make sure that
the cycle duration is short enough to verify work items within the time period allocated.
That is, if your company policy states that high risk vulnerabilities be corrected within 24
hours, make sure that a background scan happens within 24 hours to verify completion.
If you do not want to modify the cycle duration for your background scans, you can run
an ad hoc scan to verify and close tickets that are pending system verification.
Task Description
1
Scan your network using Enterprise Scanner.
2
View the information in the SiteProtector Console, and determine which situations require
further investigation.
3
Create and assign tickets for work to be completed.
4
Track tickets and edit status as necessary throughout the remediation process.
5
Report on tickets as necessary throughout the remediation process.
6
Close tickets in one of the following ways:
•
manually
•
automatically after system verification has been completed
Table 67: Remediation process