The Simple Network Management Protocol (SNMP) This section explain how to configure SNMP service on Windows systems in order to monitoring and collect detailed information about the server. Requirements: The SNMP service must be installed. If you want to check or install the SNMP service you can follow this steps: Clink on Windows > Administrative […]
The Simple Network Management Protocol (SNMP) This section explain how to configure SNMP service on Linux systems in order to monitoring and collect detailed information about the server. Requirements: Check that SNMP service is installed. The command to install SNMP changes depending on distribution; Debian, RedHat, Centos, Solaris, for this reason we recommend to search […]
Log in to SGBox using an Active Directory or LDAP Server This article explains how to configure SGBox to use AD or LDAP Server in order to check authentication during the users login. Loging to the SGBox Web interface: Go to SCM > Users > Users Click on Settings in a top right corner. Click […]
User Behavior Analytics (UBA) The behavior analysis is an extension of the Risk Analysis and takes into consideration all the events related to the user and performs a series of evaluations to define whether the behavior of a certain user is considered “normal” or not. Statistical algorithms analyze the historical data related to the user, […]
The notifications section With the 4.2.1 version the notifications section has been introduces in the bottom of the side bar. Notifications are shown when license host limit is exceeded and when hosts have been idle for a long time.
Use the collector to run a Vulnerability Scan This article explains how to configure a collector as a probe for SGBox.This is useful if you want delegate the Vulnerability Scan job to collector instead SGBox. Requirements: A collector must be deployed and configured to communicate with SGBox. Show this section Loging to the SGBox Web […]
The correlation rules A correlation rule is used to alert the admin when an event, or a series of events, occur in a specified time range.In order to create a new simple rule you have to: Requirements: A mail server must be configured. Look Configure a Mail server section to see how to configure a […]
Launch a Scan This section explains how to launch a vulnerability scan. SGBox uses, by default, the OpenVAS engine to test vulnerabilities on host groups (assets). To run it, you need to: Requirements: OpenVAS must be configured. Look This section to see how to configure OpenVAS. A asset must be prepared to OpenVAS. Look this […]
This article explains how to prepare an asset to NVS. In this way, the hosts that are part of it, can be used as target of the scan test. For more information about the assets, look the article that explains how to create an asset. Requirements: The asset must be created. Look this section to […]
On linux environment is not necessary to install a specific agent to send log to SGBox. The syslog protocol will be used. If not already present, install rsyslog packet. apt-get -y install rsyslog Edit “rsyslog.conf” file vi /etc/rsyslog.conf Add the following row in order to send only authentication logs. Is possible use the IP or […]