Scanning for vulnerabilities, Provided scan definitions – HP Insight Vulnerability and Patch Manager Software User Manual

3.

Follow the on-screen instructions, selecting the appropriate update information for your server environment
when prompted.

4.

Click Schedule, and then select a time to acquire daily Vulnerability and Patch Manager updates.

Updates might not be available daily, but scheduling the event daily ensures that you obtain critical
updates promptly. Updates to scan definitions are usually available a few days after new patches are
released.

5.

To run the patch acquisition, click Run Now.

The vulnerability and patch acquisition process begins. You can monitor the progress of the acquisition
at C:\Program Files\HP\VPM Acquisition Utility\logs\patch-acquire.log. To
manually scroll through the log file during the acquisition, clear the Enable auto-scroll checkbox.

The Acquisition Log displays the progress of the acquisition. Disregard any messages that appear on
the log screen.

The acquisition process might appear to stall (hang) when downloading large files.

IMPORTANT:

Acquiring patches from the Red Hat Network requires the network connection to remain

connected for the duration of the acquisition operation. If the network goes down, you must restart the patch
acquisition.

Scanning for vulnerabilities

Vulnerability and Patch Manager provides a variety of scan definitions. You can use these scans to search
for vulnerabilities or modify them to suit the specific needs of your environment. You can create custom scans
from the default system scans. When default system scans are updated, the custom scans are also updated
with corresponding vulnerability updates.

The following table lists the provided scan definitions that are provided with Vulnerability and Patch Manager
and a brief description of each.

Table 2-3 Provided scan definitions

Description

Scan definition

Windows NT® 4.0 vulnerabilities

4_0*

Microsoft Advisories

Advisory

Autofixable vulnerabilities

AutoFix

Microsoft® and Linux vulnerabilities

CrossPlatform

Known and unknown locations file checks

FileChecks

Known location file checks

FileCheck_KnownLocation

Unknown location file checks

FileCheck_UnknownLocation

Internet Explorer vulnerabilities

IE

IIS vulnerabilities

IIS

Linux vulnerabilities

Linux

Malware checks

Malware

Password policy check

Password

Windows NT password policy

PasswordChecker

All policy check

Policy

SQL Server vulnerabilities

SqlServer

Windows 2000 vulnerabilities

W2K

Windows 2003 vulnerabilities

W2K3

Windows® XP vulnerabilities

XP

Windows 2008 server vulnerabilities

Windows 2008

Scanning for vulnerabilities

11