Greenbone Security Manager with Greenbone OS 20.08 – User Manual¶
Note
GOS 20.08 is a retired GOS version.
The Greenbone Enterprise Appliance should always be operated in a version supported by Greenbone (including patch level). Otherwise, the following problems/effects may occur:
- Functionalities may be missing or limited
- Incompatibilities may occur (e.g., with the feed)
- Scan coverage may be descreased or vulnerability detection may be missing
- No more patches are provided, unfixed bugs or security vulnerabilities may occur
- Quality assurance and documentation are discontinued
- Support is limited to assistance in upgrading to a supported GOS version
This is the manual for the Greenbone Security Manager with Greenbone OS (GOS) version 20.08. Due to the numerous functional and other differences between GOS 20.08 and previous versions, this manual should not be used with older versions of GOS.
The Greenbone Security Manager is under constant development. This manual attempts to always document the latest software release. It is, however, possible that latest functionalities have not been captured in this manual.
Should you have additional notes or error corrections for this manual send an e-mail to the Greenbone Networks Support (support@greenbone.net).
The copyright for this manual is held by the company Greenbone Networks GmbH. The license information for the feeds used by the GSM can be found at https://www.greenbone.net/en/license-information/. Greenbone and the Greenbone logo are registered trademarks of Greenbone Networks GmbH. Other logos and registered trademarks used within this manual are the property of their respective owners and are used only for explanatory purposes.
- 1 Introduction
- 2 Read Before Use
- 3 Greenbone Security Manager – Overview
- 4 Guideline for Using the Greenbone Security Manager
- 5 Setting up the Greenbone Security Manager
- 6 Upgrading from GOS 6 to GOS 20.08
- 7 Managing the Greenbone Operating System
- 7.1 General Information
- 7.2 Setup Menu
- 7.2.1 Managing Users
- 7.2.1.1 Changing the System Administrator Password
- 7.2.1.2 Managing Web Users
- 7.2.1.3 Creating a Web Administrator
- 7.2.1.4 Enabling a Guest User
- 7.2.1.5 Creating a Super Administrator
- 7.2.1.6 Deleting a User Account
- 7.2.1.7 Changing a User Password
- 7.2.1.8 Changing the Password Policy
- 7.2.1.9 Configuring the Settings for Data Objects
- 7.2.2 Configuring the Network Settings
- 7.2.2.1 Switching an Interface to Another Namespace
- 7.2.2.2 Configuring Network Interfaces
- 7.2.2.3 Configuring the DNS Server
- 7.2.2.4 Configuring the Global Gateway
- 7.2.2.5 Setting the Host Name and the Domain Name
- 7.2.2.6 Restricting the Management Access
- 7.2.2.7 Displaying the MAC and IP Addresses and the Network Routes
- 7.2.3 Configuring Services
- 7.2.4 Configuring Periodic Backups
- 7.2.5 Configuring Special Upgrade Settings
- 7.2.6 Configuring the Feed Synchronization
- 7.2.7 Activating or Deactivating the Boreas Alive Scanner
- 7.2.8 Configuring the GSM as an Airgap Master/Sensor
- 7.2.9 Configuring the Time Synchronization
- 7.2.10 Selecting the Keyboard Layout
- 7.2.11 Configuring Automatic E-Mails
- 7.2.12 Configuring the Collection of Logs
- 7.2.13 Setting the Maintenance Time
- 7.2.1 Managing Users
- 7.3 Maintenance Menu
- 7.3.1 Performing a Self-Check
- 7.3.2 Performing and Restoring a Backup
- 7.3.3 Copying Data and Settings to Another GSM with Beaming
- 7.3.4 Performing a GOS Upgrade
- 7.3.5 Performing a GOS Upgrade on Sensors
- 7.3.6 Performing a Feed Update
- 7.3.7 Performing a Feed Update on Sensors
- 7.3.8 Upgrading the Flash Partition
- 7.3.9 Shutting down and Rebooting the Appliance
- 7.4 Advanced Menu
- 7.5 Displaying Information about the Appliance
- 8 Getting to Know the Web Interface
- 8.1 Logging into the Web Interface
- 8.2 List Pages and Details Pages
- 8.3 Dashboards and Dashboard Displays
- 8.4 Filtering the Page Content
- 8.5 Using Tags
- 8.6 Using the Trashcan
- 8.7 Displaying the Feed Status
- 8.8 Changing the User Settings
- 8.9 Opening the User Manual
- 8.10 Logging Out of the Web Interface
- 9 Managing the Web Interface Access
- 10 Scanning a System
- 10.1 Using the Task Wizard for a First Scan
- 10.2 Configuring a Simple Scan Manually
- 10.3 Configuring an Authenticated Scan Using Local Security Checks
- 10.3.1 Advantages and Disadvantages of Authenticated Scans
- 10.3.2 Using Credentials
- 10.3.3 Requirements on Target Systems with Microsoft Windows
- 10.3.4 Requirements on Target Systems with ESXi
- 10.3.5 Requirements on Target Systems with Linux/Unix
- 10.3.6 Requirements on Target Systems with Cisco OS
- 10.3.7 Requirements on Target Systems with Huawei VRP
- 10.3.8 Requirements on Target Systems with EulerOS
- 10.3.9 Requirements on Target Systems with GaussDB
- 10.4 Configuring a Prognosis Scan
- 10.5 Using Container Tasks
- 10.6 Managing Targets
- 10.7 Creating and Managing Port Lists
- 10.8 Managing Tasks
- 10.9 Configuring and Managing Scan Configurations
- 10.10 Performing a Scheduled Scan
- 10.11 Creating and Managing Scanners
- 10.12 Using Alerts
- 10.13 Obstacles While Scanning
- 11 Reports and Vulnerability Management
- 12 Performing Compliance Scans and Special Scans
- 12.1 Configuring and Managing Policies
- 12.2 Configuring and Managing Audits
- 12.3 Using and Managing Policy Reports
- 12.4 Generic Policy Scans
- 12.5 Checking Standard Policies
- 12.6 Running a TLS-Map Scan
- 13 Managing Assets
- 14 Managing SecInfo
- 15 Using the Greenbone Management Protocol
- 16 Using a Master-Sensor Setup
- 17 Managing the Performance
- 18 Connecting the Greenbone Security Manager to Other Systems
- 19 Architecture
- 20 Frequently Asked Questions
- 20.1 Why is the Scanning Process so Slow?
- 20.2 Why Is a Service/Product Not Detected?
- 20.3 Why Is a Vulnerability Not Detected?
- 20.4 Why Is It Not Possible to Edit Scan Configurations/Port Lists/Compliance Policies/Report Formats?
- 20.5 Why Is It Not Possible to Delete Scan Configurations/Port Lists/Compliance Policies/Report Formats?
- 20.6 Why Are Less Scan Configurations/Port Lists/Compliance Policies/Report Formats Visible Than With Previous GOS Versions?
- 20.7 Why Does a VNC Dialog Appear on the Scanned Target System?
- 20.8 Why Does the Scan Trigger Alarms on Other Security Tools?
- 20.9 How Can a Factory Reset of the GSM Be Performed?
- 20.10 Why Does Neither Feed Update nor GOS Upgrade Work After a Factory Reset?
- 20.11 How Can an Older Backup Be Restored?
- 20.12 What Can Be Done if the GOS Administration Menu Is not Displayed Correctly in PuTTY?
- 20.13 How Can the GMP Status Be Checked Without Using Credentials?
- 21 Glossary
- 21.1 Alert
- 21.2 Asset
- 21.3 CERT-Bund Advisory
- 21.4 Compliance Audit
- 21.5 Compliance Policy
- 21.6 CPE
- 21.7 CVE
- 21.8 CVSS
- 21.9 DFN-CERT Advisory
- 21.10 Filter
- 21.11 Group
- 21.12 Host
- 21.13 Note
- 21.14 Vulnerability Test (VT)
- 21.15 OVAL Definition
- 21.16 Override
- 21.17 Permission
- 21.18 Port List
- 21.19 Quality of Detection (QoD)
- 21.20 Remediation Ticket
- 21.21 Report
- 21.22 Report Format
- 21.23 Result
- 21.24 Role
- 21.25 Scan
- 21.26 Scanner
- 21.27 Scan Configuration
- 21.28 Schedule
- 21.29 Severity
- 21.30 Solution Type
- 21.31 Tag
- 21.32 Target
- 21.33 Task
- 21.34 TLS Certificate