IBM Proventia Network Enterprise User Manual - page 76
Chapter 5: Introduction to Enterprise Scanner Policies
76
IBM Internet Security Systems
Descriptions of Agent Policies
Introduction
This topic describes the policies that define how Enterprise Scanner agents operate (agent
policies).
Agent policy
descriptions
Table 23 describes the agent policies:
Icon
Policy
Description
Access
a
a. You must define this policy separately for each agent. An agent cannot inherit it from other groups or share
it with other agents in the same group.
Defines the passwords for the Enterprise Scanner local accounts,
and enables (requires) or disables the bootloader (root) password
for some operations.
ESM
a
(Enterprise
Scanner Module)
Defines the perspective assigned to a scanning network interface
and defines how to divide discovery and assessment tasks into
manageable subtasks.
Network Locations
b
b. You can have only one Network Locations policy. It defines perspectives that are used by all agents and
assets at the Site. It appears once for the Site at the Site Group level.
Defines the relative location of the agent on the network, which is
the agent’s scanning perspective.
Networking
a
Defines the following:
•
network configuration settings
•
DNS servers and search paths for the network interfaces and
for the scanning network interface
Notification
Defines the following:
•
Enables alert logging and notification for system warning,
system error, and system informative events
•
Allows you to fine-tune Enterprise Scanner options with
advanced parameters
Services
a
Defines whether to enable or disable the SSH protocol between
the agent and the SiteProtector Update Server.
Note: If you want to set up explicit-trust authentication between
an agent and a SiteProtector Update Server, you could use SSH
to copy the server’s certificate from the server to your agent.
(p.220)
Time
a
Defines the following:
•
the date and time zone in which the agent operates
•
whether to use network time protocol (NTP) on the agent
Update Settings
Defines how to handle downloads, installation, and notification for
firmware and assessment content updates.
Table 23: Descriptions of the agent policies