11. Asset Management

The GSM stores all results of a scan in the asset management if this is defined when creating a new task (see Chapter Creating a Task). When defining a task it can be determined whether the results of a scan should be recorded in the asset management (see section Creating a Task).

While the asset management of older GOS versions is still available (see section Classic Asset Management) the new asset management offers additional features.

11.1. Dashboard

The dashboard provides a quick overview of the found and scanned systems including their operating systems, vulnerabilities and severities. The dashboard can be accessed by selecting Assets > Dashboard in the menu bar.

_images/asset-dashboard.png

Assets dashboard

11.2. Creating and Editing Hosts

All scanned hosts can be displayed by selecting Assets > Hosts in the menu bar.

_images/assets-hosts.png

Page Hosts displaying all scanned hosts

11.2.1. Modifying Hosts

While displaying the main information of the hosts like IP addresses, host names, operating systems, and maximum severities this view is also used to alter the stored information.

For each host the following actions are available:

  • delete Delete the host from the asset management.
  • edit Edit the host. Currently only comments can be added.
  • new Create a scan target based on the asset. The window for creating a target is opened and the input box Hosts is prefilled.
  • download Download the asset in XML format.

Note

By clicking delete, new or download below the list of hosts more than one host can be deleted, used to create a target or downloaded. The drop-down-list is used to select which hosts are deleted, used to create a target or downloaded.

A target with a set of hosts can be created as follows:

  1. Filter the hosts so that only the hosts that should be used for the target (e.g. only Microsoft Windows hosts) are displayed.

  2. Create a new target by clicking new below the list of hosts (see figure Creating a target with the displayed hosts).

    → The window for creating a target is opened. The input box Hosts is prefilled with the set of displayed hosts.

    _images/assets-hosts-bottom.png

    Creating a target with the displayed hosts

Note

If additional suitable hosts show up in further scans they will not be added to the target.

11.2.2. Adding Hosts

Hosts can be added to the asset management as follows:

  1. Select Assets > Hosts in the menu bar.
  2. Create a new host by clicking new in the upper left corner of the page.
  3. Define the host. Currently only the IP address and a comment can be provided.
_images/assets-hosts-add.png

Creating a new host

This feature is also available via GMP (see section Configuring GMP). The import of hosts from a configuration management database can be achieved using this option.

11.2.3. Host Details

Select Assets > Hosts to open the page Hosts and click on the name of a host in the list of hosts. The host details are displayed including:

  • Comment
  • Host name
  • IP address
  • Operating system
  • Route
  • Maximum severity

Additionally, the identifiers of the system are displayed, especially SSH keys and X.509 certificates.

_images/assets-hosts-details.png

Details of a host

11.3. Operating Systems View

The operating systems view within the asset management provides a different view on the stored data. While the hosts view is centered on the individual hosts, this view concentrates on the used operating systems.

The operating systems can be displayed by selecting Assets > Operating Systems in the menu bar. This view displays the latest, the highest and the average severity of all hosts using the same operating system (see figure Page Operating Systems displaying all scanned operating systems).

_images/assets-os.png

Page Operating Systems displaying all scanned operating systems

By clicking on the name of an operating system in the list, the details page of the operating system is shown.

By clicking on the hosts (see figure Details page of an operating system), the page Hosts is opened showing only the hosts using this operating system.

_images/assets-os-details.png

Details page of an operating system

11.4. Classic Asset Management

The classic asset management is opened by selecting Assets > Hosts (Classic) in the menu bar.

_images/assets-classic.png

The asset database displays the stored systems.

It is displayed how many security holes were discovered on the systems. In addition, the overview displays the operating system with a logo (OS column) and the discovered ports and applications. Also, it is being displayed how a scan of the system would possible turn out at this moment (Prognosis column, see also Chapter Running a Prognosis Scan). Via the prognosis a prognostic report can be created as well. Through the asset management you can always access the last report of the host. The date of the report is visible and can be accessed directly by clicking on the link. If multiple reports exist, older reports can be accessed in the host details. By clicking on the host IP address the host details can be accessed. Here the amount of discovered vulnerabilities, the identified operating system, the discovered ports and the amount of detected applications on the system can be viewed.

_images/details-classic.png

The host details contain further information on the host.

The host details contain additional information of the system:

Hardware
The GSM stores information about the hardware. If the MAC address is known, it is listed here. It can only be displayed though if the target system is on the same LAN as the GSM.
Detected Applications
Especially of interest are the detected applications. With this the Greenbone Security Manager can give a prognosis based on its SecInfo database without re-scanning if additional security risks would be found. This is especially of interest for systems that currently do not have any vulnerability and new scans are not being performed regularly.