eTrust Vulnerability Manager r8 System Specifications and Supported Platforms

Document ID : KB000055790
Last Modified Date : 14/02/2018
Show Technical Document Details
eTrust Vulnerability Manager
Hardware Specifications
  • Power Supply

    • Type: 1 x 250W with +3.3V, +5V, +12V, -5V and -12V main DC outputs and a 5V standby output.


  • Input Voltage: 100-240VAC (w/ ? 10% tolerance - units are auto-switching capable)


  • System Operating Environment

    • Operating Temperature Range: 10 - 35 degrees C / 50 - 90 degrees F


  • Operating Humidity Range: 8 - 80% (non-condensing)


  • Form Factor

    • 1U 19" rack mount


  • Dimensions

    • 16.7 x 1.7 x 22.7 in.; 425 x 44 x 560 mm (W x H x D)


  • Weight

    • Net: Full System: ~26 lbs. (11.8 kg.)


  • Gross: Full System: ~32 lbs. (14.5 kg.)


  • Regulations (expanding)

    • FCC Class B, CE, UL, TUV, CUL, CISPR 22 (EN 55022)


Supported Browsers
  • Internet Explorer 6.0 and above


  • Mozilla 1.4 and above


Set Up
Installation Requirements
  • Static IP address for the eTrust Vulnerability Manager


  • Subnet Mask


  • Default Gateway


  • DNS IP address


  • Proxy URL (Optional)


  • Communication through port 5250


  • eTrust Vulnerability Manager must be running on a TCP/IP network with sufficient bandwidth to support 100 megabit network transfer speed.


Recommended Order of Installation
  • Install and setup eTrust Vulnerability Manager based on the setup guidelines provided with the appliance


  • Create asset groups


  • Schedule the Asset Groups to report to the appliance, staggering the reporting times


  • Create user accounts and assign permissions


  • Associate user accounts to the appropriate asset groups


  • Once the eTrust Vulnerability Manager is fully up-to-date with content and code releases, then proceed to deploy and install the agents.


  • Install the eTrust VM Service (agent)


  • If you are going to perform security patch remediation, you will need to install the Remediation Delivery file (agent) too.


  • Once the eTrust Vulnerability Manager is synchronized with both code and content, the user will be able to review their task list and start managing vulnerabilities.


Set-up Time
  • Plan the installation of the eTrust Vulnerability Manager to take one day per code update


  • We have created a new image for release 8.0.9 (the latest release as of 3/10/2005) which should accelerate the time to install, configure and use the eTrust Vulnerability Manager.


  • After the eTrust Vulnerability Manager has all of the code updates, it will take at least 24 hours to fully synchronize its content database.


Communication Ports Used
  • eTrust VM Service to eTrust Vulnerability Manager (port 5250 for r8.x agents) Secure Socket Layer (SSL)


  • eTrust VM Service to eTrust Vulnerability Manager (port 443 for r1.x agents) SSL


  • eTrust Vulnerability Manager to CA (port 5250) SSL


  • eTrust Vulnerability Manager to eTrust VM Service for - On demand Inventory (port 5251 - user configurable)


  • eTrust Vulnerability Manager to Remediation Service (port 4721)


  • eTrust Vulnerability Manager to Internet for security patch downloads (port 80 - varies by URL specified in data)


  • eTrust Vulnerability Manager appliance to Unicenter Software Delivery Remote Server (port 4721)


  • Browser to eTrust Vulnerability Manager appliance (port 443) SSL


Auto-Discovery
Asset Discovery
  • On-demand or scheduled


  • User-specified discovery ranges


Discovery Protocol
  • ICMP, TCP/IP


Target Host Ports Scanned
  • Port 161 SNMP (Probes for public community only)


Auto-Inventory
eTrust VM Service
  • The executable file can be distributed via any software delivery application, hosted on an internal network share, emailed or downloaded directly from the application interface.


  • The eTrust VM Service executable file must be installed on assets for detailed asset inventory.


  • The eTrust VM Service checks for signatures of eTrust Vulnerability Manager-supported technologies, patches and associated system configurations settings.


  • The footprint of the eTrust VM Service ranges from 5-15 MB depending on the platform.


  • The eTrust VM Service bandwidth usage is minimal - some fraction of approximately 1.3MB.


eTrust VM Service Platform Support
  • Windows NT 4.0 SP6a


  • Windows 2000 Server SP3, SP4; Advanced Server SP3, SP4; Professional SP3, SP4


  • Windows XP Professional, SP1 and SP2


  • Windows Server 2003 Standard, Web and Enterprise Editions


  • AIX (POWER with RPM) 5.1 and 5.2


  • HPUX 11.0, 11.0i (RISC)


  • Red Hat Linux, 8.0 and 9.0 (Intel)


  • Red Hat Linux Enterprise Server 3.0 with Update 1 (X86)


  • Red Hat Linux Advanced Server 3.0 with Update 1 (X86)


  • Solaris (UltraSPARC) 8.0 and 9.0


  • SUSE 8 and 9


Content
Vulnerability Detection
  • Windows (English OS only) and bundled applications (IE, IIS)


  • Windows NT 4.0 Sp6a


  • Windows XP, SP1 and SP2


  • Windows 2003 (Standard, Web & Enterprise Editions)


  • Windows 2000 Server, Advance Server and Professional SP3 and SP4


  • Solaris 8.0 and 9.0


  • HP-UX 11.0 and 11.i


  • AIX 5.1 & 5.2


  • Red Hat Linux 8.0, 9.0, AS 3.0, and ES 3.0 (OS Only)


  • SuSE 8.2 and 9.0 (OS Only)


Vulnerability Patch Remediation
  • Windows (English OS only) and bundled applications (IE, IIS)


  • Windows NT 4.0 Sp6a


  • Windows XP, SP1 and SP2


  • Windows 2003 (Standard, Web & Enterprise Editions)


  • Windows 2000 Server, Advance Server and Professional SP3 and SP4


Automatic Correlation
  • Vulnerabilities - a validated vulnerability database covering roughly 15,000 versions of technologies, across operating systems, databases, applications, and devices.


  • Configuration Standards - a database of system configuration and hardening procedures for 26 technologies sets mapped to industry and regulatory standards.


Industry and Regulatory Standards
  • GLBA


  • HIPPA


  • ISO 17799


  • SANS Top 20


System Configuration and Hardening Procedures
  • AIX 5.1L


  • Apache Web Server 2.0.40


  • Digital Unix 5.1A


  • Exchange Server 2000 SP3


  • Firewall-1 4.1 SP6


  • FreeBSD 4.6.2


  • HP-UX 11.22


  • Internet Information Services 5.0


  • IOS 12.2


  • iPlanet Web Server 6.0 SP4


  • Lotus Notes 5.0.5


  • Netware 6.0 SP2


  • Oracle 9i


  • OS/400 4R5


  • PIX 6.2(2)


  • Pocket PC 2002


  • Red Hat Linux 7.3


  • Solaris 9


  • SQL Server 2000 SP2


  • Win 2000 Professional SP3


  • Win 2000 Server SP3


  • Win NT Server 4.0 SP6a, Win NT Workstation 4.0 SP6a


  • Windows XP Professional SP1


  • Windows 2003 Server, Enterprise


  • Exchange 2003


  • RedHat AS 3, ES 3


  • Oracle 10g


Additional Details
Assets Managed per Appliance
  • 100-2,500 depending on license


Users
  • 10% of total assets managed


  • 10% of total users can have concurrent logins


Assigned Permissions
  • Super User


  • Asset Administration


  • Configuration Management


  • Administration


  • General Use


Content and Code Updates
  • Content updates pulled from CA Content Source (contentupdate.ca.com) by the eTrust Vulnerability Manager on an hourly or daily schedule per customer configuration.


  • Code updates are automatically downloaded when available and applied during daily maintenance window.


Information Storage
  • Passwords are encrypted and stored locally.


Backup and Restore
  • Backups scheduled in eTrust Vulnerability Manager interface


  • Specify backup storage to an external network device via FTP


Product Integration Compatibility
  • eTrust Audit r8


  • eTrust Security Command Center r8


  • Unicenter Software Delivery 4.0 SP1