Hosted Portal Quick Start Guide

**** Refer to PDF at the bottom of the page for Visual Guide.

 

Creating and Managing Network Scans

There are two ways to add a new scan to the AVDS Information Server. On the home

page there is a dashlet tool called 'Quick Add' which we recommend for your first scans.

Use the 'Standard Scan Setup' instructions, below, for access to all scan features.

To quickly start a new scan, use the dashlet tool called 'Quick Add' that is available on

the AVDS dashboard Home page (the screen you see when you first login).

First enter a Scan Name, then enter Range; a list of hosts separated by commas and/or

a range of IP's marked by a dash. For example:

www.beyondsecurity.com, www.securiteam.com

192.168.1.101, 192.168.1.102

Beyond Security, Inc. 19925 Stevens Creek Blvd.

US: 1-800-801-2821 Cupertino, CA

Intl: +1-408-329-6041 USA

www.BeyondSecurity.com www.SecuriTeam.com

The Organization field will display a default now and later, if you create more

'Organizations', they will also display here (see more info below on creating

Organizations). The scan Organization can be changed later.

The LSS field will display a default scanner. If more scanners are added to your system,

you will be able to select them here.

Optional: Check the 'Create Web Scan' check box to include a web application scan if

scanning just a single host.

The Contact field will also display the current default name. Later, if other people are

added to the system their names will display. The scan Contact can be changed later.

Finally, click Create - and you will be taken to the Network Scan configuration page.

There, scroll down and select a schedule and/or click on 'immediate scan' to put the

That's all there is to it. The scan is now configured and can be customized to your needs

in Scan – Scan Settings.

Standard Scan Setup

In AVDS, each scan is assigned to an "Organization". The term Organization is used to

describe a logical group of users, scans, reports and an LSS. This might relate to a

location, an area of responsibility or some other segmentation of your company network.

Using Organizations to divide a company network into segments is optional and in small,

flat networks where all scanning is managed by a single person or group it may not be

In the example below an imaginary company, 'ACME', has two major divisions each with

its own network administrators. In this example we will create 2 Organizations, “DMZ

East” and “DMZ West”, so that each group of administrators can access, control and

manage their own scans.

Beyond Security, Inc. 19925 Stevens Creek Blvd.

US: 1-800-801-2821 Cupertino, CA

Intl: +1-408-329-6041 USA

www.BeyondSecurity.com www.SecuriTeam.com

Creating a New Organization (Optional)

New Scans will be assigned to the default Organization, which is okay if one person

intends to manage all scanning. You can create new Organizations at any time and re-
assign existing scans to them.

To create a new Organization:

 Go to menu item Admin - Organizations and click on List

 Scroll to bottom of Organization List table and click on “New” button

 Enter the following mandatory fields into the Organization Details Table:

 Organization name

 Contact (reports will be sent to the email address of this contact)

 Accept defaults for other fields.

 Click “Apply” for the settings to take effect

Creating a New Scan

Creating scans allows you to program the system to periodically scan a range of IP's or a

select list of hostnames automatically. Results will be sent via email to the Contact and

are shown in the AVDS web interface under Results.

To create a new scan:

 Go to menu item: Scans - Scan Settings

 Click on “New” button (below Scan List Table)

 Enter the following mandatory fields:

 Scan name: Any string that is descriptive, such as location, IP range, etc.

 LSS: If there is just one LSS, it will be default selected.

 Parent Organization: Any Organizations you have created will display here for

 Hostname / IP Address Range: the list of IP's to scan.

selection. If none have been created, then the default Organization will be

Some examples:

192.168.1.1-254 = all IP's between 192.168.1.1 and 192.168.1.254

Beyond Security, Inc. 19925 Stevens Creek Blvd.

US: 1-800-801-2821 Cupertino, CA

Intl: +1-408-329-6041 USA

www.BeyondSecurity.com www.SecuriTeam.com

 Contact person: This person will receive an email with a report once the scan

 Click “apply” for the settings to take effect

The system will now find the LSS named in the scan just created. You will see the

10.1.1.5,10.1.1.15,10.1.1.25 = the three IP addresses specified

www.example.com, mail.example.com, ns.example.com

and combinations of the above

is finished. New people (or groups of people) can be added later and this scan

can be modified to include them.

- Wait a few seconds, and click on the “refresh” button just above this message. If

the message disappears, the scanner has acknowledged the scan and a new

panel will appear at the bottom of the page to allow you to schedule the scan:

The default scan frequency is 'daily'. Modify the date scans will start (reference

date) the frequency ('routine') or time of day, if you wish and click “modify

- Once the schedule is ok, click on Enable Scan to have the scan scheduled.

Note: Once the scan is enabled you will have the option to click Immediate Scan to

have the scan start immediately regardless of the schedule or scan window.

Viewing the Scan Status

Once a scan has been configured, you can see it by going to menu item: Scan - Scan

Settings and select the scan from the list to view configuration and status.

Beyond Security, Inc. 19925 Stevens Creek Blvd.

US: 1-800-801-2821 Cupertino, CA

Intl: +1-408-329-6041 USA

www.BeyondSecurity.com www.SecuriTeam.com

Creating a New Web Scan

The AVDS System delivers web application scanning including crawling the web site to

discover dynamic pages and using authentication to log into password protected areas.

The results of the web scan will be integrated into the results of the network scan for that

host for a single report.

To configure a new web scan:

 Go to Scans - Web Scan Settings

 Click on “New” button (below the Web Scan List Table)

 Fill in the following mandatory fields:

 Name: Any string that is descriptive, such as company division, site name, etc.

 Scan: this is the network where the network scan for that host is done. Results

 Hostname: (host to be tested, like: www.acme.com)

 URL Testing Limit: Default is 15

 Check boxes: all unchecked

 Contact Person: This person will receive an email with a report once the scan

 Click “Apply” for the new web scan to be created

 You will now be presented with additional options:

 Configure the schedule and click “Enable Scan” to activate the scan

 Decide whether you want the scanner to crawl the entire web site, or add

 Optional: Configure web site log in authentication (form based or NTML based)

Viewing the Web Scan Status

Once a web scan has been configured, you can see it by going to: Scans - Web Scan

Settings and selecting the web scan from the list.

of the web scan will be integrated with the network scan

is finished. New users (or groups of users) can be added later and this scan

modified to select them.

specific pages to be analyzed for security vulnerabilities

Should you have any questions or require further assistance, please contact Customer

Support@BeyondSecurity.com

US: +1.888.512.6909

UK: +44-118-315-0005

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk