Managing_General_Settings

Managing General Settings

To configure and manage the following Vulnerability Scanner settings, navigate to <Server installation folder>\PCCSRV\Admin\Utility\TMVS and double-click TMVS.exe:

Product Query

Select the products to check on the network. To prevent false alarms, select all check boxes. Click Settings next to the product name to verify the port number that Vulnerability Scanner will check.

Manually configure the port settings for each product (except ServerProtect™ for Windows and Linux™ and McAfee™ VirusScan™ ePolicy Orchestrator™).

How Vulnerability Scanner checks security products:

Security products checked by Vulnerability Scanner

Product

Description

OfficeScan client

Vulnerability Scanner uses the OfficeScan client port to check if OfficeScan client is installed. It also checks if the TmListen.exe process is running. It retrieves the port number automatically if executed from its default loca­tion

If you launched TMVS on computer other than the Offic­eScan server, check and then use the other computer's communication port.

Trend Micro Inter­net Security™ (PC-cillin)

Vulnerability Scanner uses port 40116 to check if Trend Micro Internet Security is installed.

ServerProtect for Windows

Vulnerability Scanner uses RPC endpoint to check if SPNTSVC.exe is running. It returns information including operating system, and Virus Scan Engine, Virus Pattern and product versions. Vulnerability Scanner cannot detect the ServerProtect Information Server or the ServerProtect Management Console.

ServerProtect for Linux

If the target computer does not run Windows, Vulnerabil­ity Scanner checks if it has ServerProtect for Linux installed by trying to connect to port 14942.

ScanMail™ for Microsoft Exchange™

Vulnerability Scanner loads the Web page http://ipad­dress:port/scanmail.html to check for ScanMail installa­tion. By default, ScanMail uses port 16372. If ScanMail uses a different port number, specify the port number. Otherwise, Vulnerability Scanner cannot detect ScanMail for Exchange.

InterScan™ family

Vulnerability Scanner loads each Web page for different products to check for product installation.

  • InterScan Messaging Security Suite 5.x: http://localhost:port/eManager/cgi-bin/eManager.htm

  • InterScan eManager 3.x: http://localhost:port/eManager/cgi-bin/eManager.htm

  • InterScan VirusWall™ 3.x: http://localhost:port/InterScan/cgi-bin/interscan.dll

PortalProtect™

Vulnerability Scanner loads the Web page http://localhost:port/PortalPro­tect/index.html to check for product installation.

Norton Antivirus™ Corporate Edition

Vulnerability Scanner sends a special token to UDP port 2967, the default port of Norton Antivirus Corporate Edi­tion RTVScan. The computer with this antivirus product replies using a special token type. Since Norton Antivirus Corporate Edition communicates by UDP, the accuracy rate is not guaranteed. Furthermore, network traffic may influence UDP waiting time.

McAfee VirusScan ePolicy Orchestra­tor

Vulnerability Scanner sends a special token to TCP port 8081, the default port of ePolicy Orchestrator for provid­ing connection between the server and client. The com­puter with this antivirus product replies using a special token type. Vulnerability Scanner cannot detect the standalone McAfee VirusScan.

Protocols

Vulnerability Scanner detects products and computers using the following protocols:

Method for Retrieving Computer Descriptions

Quick retrieval retrieves only the computer name. Normal retrieval takes longer to complete since it retrieves both domain and computer information. If you select Normal retrieval, set Vulnerability Scanner to try to retrieve computer descriptions, if available.

Notifications

To automatically send the results to yourself or to other administrators in your organization, select Email results to the system administrator, and then click Configure to specify email settings.

  1. In To, type the email address of the recipient.

  2. In From, type an email address to let the recipient know who sent the message.

  3. In SMTP server, type the SMTP server address. For example, type smtp.company.com. The SMTP server information is required.

  4. In Subject, type a new subject for the message or accept the default subject.

  5. Click OK.

  6. Choose to display a notification on unprotected computers. Click Customize to configure the notification message. In the Notification Message screen, type a new message or accept the default message. Click OK.

Vulnerability Scan Results

Save the scan results to a comma-separated value (CSV) file. To change the default folder for saving the CSV file, click Browse, select a target folder on the computer or on the network, and then click OK.

Ping Settings

Enable Vulnerability Scanner to ping computers on the network to get their status. To specify how Vulnerability Scanner will send packets to the computers and wait for replies, select Allow Vulnerability Scanner to ping computers on your network to check their status, and then accept the default settings or type new values in the Packet size and Timeout text boxes.

Vulnerability Scanner can also detect the type of operating system using ICMP OS fingerprinting.

OfficeScan Server Settings

Type the OfficeScan server name and port number. Vulnerability Scanner can auto-install the OfficeScan client on unprotected computers.

Click Install to Account to configure the account. In the Account Information screen, type a user name and password that permits installation. Click OK.

Vulnerability Scanner can also send logs to the OfficeScan server.