Greenbone Enterprise Appliance with Greenbone OS 22.04 – Manual¶
This is the manual for the Greenbone Enterprise Appliance with Greenbone OS (GOS) version 22.04. Due to the numerous functional and other differences between GOS 22.04 and previous versions, this manual should not be used with older versions of GOS.
The Greenbone Enterprise Appliance is under constant development. This manual attempts to always document the latest software release. It is, however, possible that latest functionalities have not been captured in this manual.
Should you have additional notes or error corrections for this manual, contact the Greenbone Enterprise Support.
The copyright for this manual is held by the Greenbone AG. The license information for the feeds used by the Greenbone Enterprise Appliance can be found at https://www.greenbone.net/en/license-information/. Greenbone and the Greenbone logo are registered trademarks of the Greenbone AG. Other logos and registered trademarks used within this manual are the property of their respective owners and are used only for explanatory purposes.
This manual is made available under the Creative Commons Attribution-ShareAlike 4.0 International license. See https://creativecommons.org/licenses/by-sa/4.0/ for details.
Under this license, you are free to:
Share — copy and redistribute the material in any medium or format
Adapt — remix, transform, and build upon the material for any purpose, even commercially
Under the following terms:
Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests Greenbone AG endorses you or your use.
ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.
No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
- 1 Introduction
- 2 Read Before Use
- 3 Greenbone Enterprise Appliance – Overview
- 4 Guideline for Using the Greenbone Enterprise Appliance
- 5 Setting up the Greenbone Enterprise Appliance
- 5.1 Setup Requirements
- 5.1.1 Greenbone Enterprise 6500/5400
- 5.1.2 Greenbone Enterprise 650/600/450/400
- 5.1.3 Greenbone Enterprise 150
- 5.1.4 Greenbone Enterprise 35
- 5.1.5 Greenbone Enterprise DECA/TERA/PETA/EXA
- 5.1.6 Greenbone Enterprise CENO
- 5.1.7 Greenbone Enterprise 25V
- 5.1.8 Greenbone Basic Appliance
- 5.1.9 Greenbone Enterprise ONE
- 5.2 Setting up a Hardware Appliance
- 5.3 Setting up a Virtual Appliance
- 5.4 Performing a General System Setup
- 5.5 Logging into the Web Interface
- 5.1 Setup Requirements
- 6 Upgrading the Greenbone Enterprise Appliance to the Latest Major Version
- 6.1 Upgrading the Greenbone Operating System
- 6.2 Upgrading the Flash Partition to the Latest Version
- 6.3 Relogging into the GOS Administration Menu After an Upgrade
- 6.4 Reloading the Web Interface After an Upgrade
- 6.5 New Features and Changes of Default Behavior
- 7 Managing the Greenbone Operating System
- 7.1 General Information
- 7.2 Setup Menu
- 7.2.1 Managing Users
- 7.2.1.1 Changing the System Administrator Password
- 7.2.1.2 Managing Web Users
- 7.2.1.3 Creating a Web Administrator
- 7.2.1.4 Enabling a Guest User
- 7.2.1.5 Creating a Super Administrator
- 7.2.1.6 Deleting a User Account
- 7.2.1.7 Limiting the Number of Concurrent Web Sessions
- 7.2.1.8 Changing a User Password
- 7.2.1.9 Changing the Password Policy
- 7.2.1.10 Configuring the Settings for Data Objects
- 7.2.2 Configuring the Network Settings
- 7.2.2.1 Updating the Networking Mode to gnm
- 7.2.2.2 General Information About Namespaces
- 7.2.2.3 Switching an Interface to Another Namespace
- 7.2.2.4 Configuring Network Interfaces
- 7.2.2.5 Configuring the DNS Server
- 7.2.2.6 Configuring the Global Gateway
- 7.2.2.7 Setting the Host Name and the Domain Name
- 7.2.2.8 Restricting the Management Access
- 7.2.2.9 Displaying the MAC and IP Addresses and the Network Routes
- 7.2.3 Configuring a Virtual Private Network (VPN) Connection
- 7.2.4 Configuring Services
- 7.2.5 Configuring Periodic Backups
- 7.2.6 Configuring Special Upgrade Settings
- 7.2.7 Configuring the Feed Synchronization
- 7.2.8 Configuring the Appliance as an Airgap Master/Sensor
- 7.2.9 Configuring the Time Synchronization
- 7.2.10 Selecting the Keyboard Layout
- 7.2.11 Configuring the E-Mails Settings
- 7.2.12 Configuring the Collection of Logs
- 7.2.13 Setting the Maintenance Time
- 7.2.1 Managing Users
- 7.3 Maintenance Menu
- 7.3.1 Performing a Self-Check
- 7.3.2 Performing and Restoring a Backup
- 7.3.3 Copying Data and Settings to Another Appliance with Beaming
- 7.3.4 Performing a GOS Upgrade
- 7.3.5 Performing a GOS Upgrade on Sensors
- 7.3.6 Performing a Feed Update
- 7.3.7 Performing a Feed Update on Sensors
- 7.3.8 Upgrading the Flash Partition
- 7.3.9 Shutting down and Rebooting the Appliance
- 7.4 Advanced Menu
- 7.5 Displaying Information about the Appliance
- 8 Getting to Know the Web Interface
- 8.1 Logging into the Web Interface
- 8.2 Dashboards and Dashboard Displays
- 8.3 Filtering the Page Content
- 8.4 Using Tags
- 8.5 Using the Trashcan
- 8.6 Displaying the Feed Status
- 8.7 Changing the User Settings
- 8.8 Opening the Manual
- 8.9 Logging Out of the Web Interface
- 9 Managing the Web Interface Access
- 10 Scanning a System
- 10.1 Using the Task Wizard for a First Scan
- 10.2 Configuring a Simple Scan Manually
- 10.3 Configuring an Authenticated Scan Using Local Security Checks
- 10.3.1 Advantages and Disadvantages of Authenticated Scans
- 10.3.2 Using Credentials
- 10.3.3 Requirements on Target Systems with Microsoft Windows
- 10.3.4 Requirements on Target Systems with ESXi
- 10.3.5 Requirements on Target Systems with Linux/Unix
- 10.3.6 Requirements on Target Systems with Cisco OS
- 10.3.7 Requirements on Target Systems with Huawei VRP
- 10.3.8 Requirements on Target Systems with EulerOS
- 10.3.9 Requirements on Target Systems with GaussDB
- 10.4 Configuring a CVE Scan
- 10.5 Using Container Tasks
- 10.6 Managing Targets
- 10.7 Creating and Managing Port Lists
- 10.8 Managing Tasks
- 10.9 Configuring and Managing Scan Configurations
- 10.10 Performing a Scheduled Scan
- 10.11 Creating and Managing Scanners
- 10.12 Using Alerts
- 10.13 Obstacles While Scanning
- 11 Reports and Vulnerability Management
- 12 Performing Compliance Scans and Special Scans
- 12.1 Configuring and Managing Policies
- 12.2 Configuring and Managing Audits
- 12.3 Using and Managing Policy Reports
- 12.4 Generic Policy Scans
- 12.5 Checking Standard Policies
- 12.6 Running a TLS Map Scan
- 13 Managing Assets
- 14 Managing SecInfo
- 15 Using the Greenbone Management Protocol
- 16 Using a Master-Sensor Setup
- 17 Managing the Performance
- 18 Connecting the Greenbone Enterprise Appliance to Other Systems
- 19 Architecture
- 20 Frequently Asked Questions
- 20.1 Why Is the Scanning Process so Slow?
- 20.2 What Influences the Scan Capacity?
- 20.3 Why Is a Service/Product Not Detected?
- 20.4 Why Is a Vulnerability Not Detected?
- 20.5 Why Do the Results for the Same Target Differ across Several Consecutive Scans?
- 20.6 Why Is It Not Possible to Edit Scan Configurations, Port Lists, Compliance Policies, or Report Formats?
- 20.7 Why Is It Not Possible to Delete Scan Configurations, Port Lists, Compliance Policies, or Report Formats?
- 20.8 Why Does a VNC Dialog Appear on the Scanned Target System?
- 20.9 Why Does the Scan Trigger Alarms on Other Security Tools?
- 20.10 How Can a Factory Reset of the Appliance Be Performed?
- 20.11 Why Does Neither Feed Update nor GOS Upgrade Work After a Factory Reset?
- 20.12 How Can an Older Backup or Beaming Image Be Restored?
- 20.13 What Can Be Done if the GOS Administration Menu Is not Displayed Correctly in PuTTY?
- 20.14 How Can the GMP Status Be Checked Without Using Credentials?
- 20.15 What Should Be Done if the Self-Check Shows “RAID Array degraded”?
- 21 Glossary
- 21.1 Alert
- 21.2 Asset
- 21.3 CERT-Bund Advisory
- 21.4 Compliance Audit
- 21.5 Compliance Policy
- 21.6 CPE
- 21.7 CVE
- 21.8 CVSS
- 21.9 DFN-CERT Advisory
- 21.10 Filter
- 21.11 Group
- 21.12 Host
- 21.13 Note
- 21.14 Vulnerability Test (VT)
- 21.15 Override
- 21.16 Permission
- 21.17 Port List
- 21.18 Quality of Detection (QoD)
- 21.19 Remediation Ticket
- 21.20 Report
- 21.21 Report Format
- 21.22 Result
- 21.23 Role
- 21.24 Scan
- 21.25 Scanner
- 21.26 Scan Configuration
- 21.27 Schedule
- 21.28 Severity
- 21.29 Solution Type
- 21.30 Tag
- 21.31 Target
- 21.32 Task
- 21.33 TLS Certificate