Hosted (Cloud) IS and LSS Quick Start Guide

Quick Start Guide

 

Configuration of Your New Local Scanning Server (LSS)

With the Beyond Security Hosted Information Server (IS)

**** Refer to PDF at the bottom of the page for Visual Guide.

 

Please follow the steps in this guide to install this AVDS Local Scanning Server (LSS) on your network.

 

All scanning and reporting functions must be controlled from our hosted Information Server (IS). We will provide a user name and password to your own secure account on the IS.

 

This LSS has been pre-configured to connect with either cloud2.beyondsecurity.com (for North and South America) or cloud3.beyondsecurity.com (all other regions) using HTTPS (port 443).

 

After completing these instructions, or if you have any questions, please contact technical support at: AVDSeval@BeyondSecurity.com. Support will provide your user name and password to the IS.

 

 

Please Set Up Your LSS Now:

 

Connect it to a VGA monitor, USB Keyboard and to the network.

 

Start the LSS. The boot sequence will complete with the prompt: AVDS>

                        [Type help at any prompt to see a list of the CONSOLE COMMANDS.]

 

Network Configuration:

  • To set static IP address or DHCP, enter:

AVDS> network

Then enter:
AVDS (network)> interface eth0
[Note: eth0 is the left port: Gb1. To configure the right port (Gb2) please enter 'interface eth1' ]

For DHCP enter:

          AVDS (network interface eth0)> dhcp on

                    OR for Static IP enter IP address:

AVDS (network interface eth0)> ip XXX.XXX.XXX.XXX

  • Set the gateway address, enter:

AVDS (network interface eth0)> exit

Then enter:
AVDS (network)> gateway XXX.XXX.XXX.XXX

  • Name Server default is 8.8.8.8. To change this, enter:

AVDS (network)> ns XXX.XXX.XXX.XXX

 

  • IMPORTANT: Save the network settings, enter:

AVDS (network)> save

 

     To view the saved network settings enter:

                    AVDS (network)> show

 

  • Set time zone, date and time, enter:

AVDS (network)> exit

Type timezone and press 'tab' to display list:

AVDS > timezone

Select appropriate time zone from list and enter.

To view date and time, enter:

AVDS > date

To change date or time, enter

AVDS > date MMDDhhmmYYYY

[Example: For the 19th of December 2013 at 6:54 PM (18:54):

 AVDS > date 121918542013 ]

 

  • IMPORTANT: Save the date and time settings, enter:

AVDS > save

 

Establish External Connectivity

 

The LSS must be able to communicate with the IS to receive scanning instructions and to deliver scanning results. This connection has been pre-configured and will be originated by the LSS on HTTPS (port 443). Please make any network arrangements needed to allow the LSS to connect and then test that it is able to ping (ICMP echo) the correct IS for your region:

North and South America type:

          AVDS (network)> ping cloud2.beyondsecurity.com

All other regions type:

          AVDS (network)> ping cloud3.beyondsecurity.com

 

Set LSS Password and Time Zone

 

  1. Open a browser and login at: https://<ip-of-LSS-machine>.
  2. Default LSS username is 'admin' and password is 'demo'.

Please set new password now

  1. Click on Modify.

 

All scanning and reporting functions are controlled on the IS.

Do not attempt to control scanning functions on the LSS.

 

PLEASE CONTACT SUPPORT TO RECEIVE YOUR USER LOGON FOR THE INFORMATION SERVER: AVDSEval@BeyondSecurity.com

 


Creating and Managing Network Scans

 

There are two ways to add a new scan to the AVDS Information Server. On the home page there is a dashlet tool called 'Quick Add' which we recommend for your first scans. Use the 'Standard Scan Setup' instructions, below, for access to all scan features.

 

Quick Add

 

To quickly start a new scan, use the dashlet tool called 'Quick Add' that is available on the AVDS dashboard Home page (the screen you see when you first login).

 
   

 

 

First enter a Name for the scan, then enter Range; a list of hosts separated by commas and/or a range of IP's marked by a dash. For example:

 

www.beyondsecurity.com,www.securiteam.com

and/or

192.168.1.1-100

 

The Organization field will display a default now and later, if you create more 'Organizations', they will also display here (see more info below on creating Organizations). The LSS field will display a default server. If more scanners are added to your system you will be able to select them here.

 

Optional: check the 'Create Web Scan' check box to include a web application scan if scanning just a single host.

 

The Contact field will also display the current default name. Later, if other people are added to the system their names will display.

 

Finally, click Create - and you will be taken to the Network Scan configuration page.

 

There, scroll down and select a schedule and/or click on 'immediate scan' to put the scan into the queue.

 

That's all there is to it. The scan is now configured and can be customized to your needs in Admin -> Scan Settings.

 

 

Standard Scan Setup

 

In AVDS, each scan is assigned to an "Organization". The term Organization is used to describe a logical group of users, scans, reports and an LSS. This might relate to a location, an area of responsibility or some other segmentation of your company network. Using Organizations to divide a company network into segments is optional and in small, flat networks where all scanning is managed by a single person or group it may not be required.

 

In the example below an imaginary company, 'ACME', has two major divisions each with its own network administrators. In this example we will create 2 Organizations, “DMZ East” and “DMZ West”, so that each group of administrators can access, control and manage their own scans.

Creating a New Organization (Optional)

 

If you do not create an Organization, all scans will be assigned to the default, which is okay if one person intends to manage all scanning of the entire company. You can create new Organizations at any time and re-assign existing scans to them.

 

To create a new Organization:

  • Go to Admin → Organizations
  • Click on “new”
  • Enter the following mandatory fields:
    • Organization name
    • Contact (reports will be sent to the email address of this contact)
    • Accept defaults for other fields.
  • Click “Apply” for the settings to take effect

 

 

Creating a New Scan

 

Creating scans allows you to program the system to periodically scan a range of IP's or a select list of hostnames automatically. Results will be sent via email to the contact and shown under the Vulnerabilities tab.

 

To create a new scan:

  • Go to Admin → Scan Settings
  • Click on “New” button (below Scan List)
  • Enter the following mandatory fields:
    • Scan name: Any string that is descriptive, such as location, IP range, etc.
    • LSS: If there is just one LSS, it will be default selected.
    • Parent Organization: Any Organizations you have created will display here for selection. If none have been created, then the default Organization will be displayed  
    • Hostname / IP Address Range: the list of IP's to scan.

Some examples:
192.168.1.1-254 = all IP's between 192.168.1.1 and 192.168.1.254
10.1.1.5,10.1.1.15,10.1.1.25 = the three IP addresses specified
www.example.com, mail.example.com, ns.example.com
and combinations of the above

  • Contact person: This person will receive an email with a report once the scan is finished. New people (or groups of people) can be added later and this scan can be modified to include them.
  • Click “apply” for the settings to take effect

 

The system will now find the LSS named in the scan just created. You will see the message:

 

 

 

  • Wait a few seconds, and click on the “refresh” button just above this message. If the message disappears, the scanner has acknowledged the scan and a new panel will appear at the bottom of the page to allow you to schedule the scan:

 

 

 

 

 

 

 

 

The default scan frequency is 'daily'. Modify the date scans will start (reference date) the frequency ('routine') or time of day, if you wish and click “modify schedule”.

  • Once the schedule is ok, click on Enable Scan to have the scan scheduled.

 

Note: Once the scan is enabled you will have the option to click Immediate Scan to have the scan start immediately regardless of the schedule or scan window.

 

Viewing the Scan Status

 

Once a scan has been configured, you can see it by going to:

Admin → Scan Settings

and select the scan from the list to view configuration and status.

 

Creating a New Web Scan

 

The AVDS System delivers web application scanning including crawling the web site to discover dynamic pages and using authentication to log into password protected areas. The results of the web scan will be integrated into the results of the network scan for that host for a single report.

 

To configure a new web scan:

  • Go to Admin → Web Scan Settings
  • Click on “New” button (below the Web Scan List)
  • Fill in the following mandatory fields:
    • Name: Any string that is descriptive, such as company division, site name, etc.
    • Scan: this is the network where the network scan for that host is done. Results of the web scan will be integrated with the network scan
    • Hostname: (host to be tested, like: www.acme.com)
    • URL Testing Limit: Default is 15
    • Check boxes: all unchecked
    • Contact Person: This person will receive an email with a report once the scan is finished. New users (or groups of users) can be added later and this scan modified to select them.
  • Click “Apply” for the new web scan to be created
  • You will now be presented with additional options:
    • Configure the schedule and click “Enable Scan” to activate the scan
    • Decide whether you want the scanner to crawl the entire web site, or add specific pages to be analyzed for security vulnerabilities
    • Optional: Configure web site log in authentication (form based or NTML based)

Viewing the Web Scan Status

 

Once a web scan has been configured, you can see it by going to:

Admin → Web Scan Settings

and selecting the web scan from the list.

 

Further Assistance

 

Should you have any questions or require further assistance, please contact Customer Support:

          Support@BeyondSecurity.com

         

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk