Installation guide

Abbreviations

The following abbreviations are used throughout this documentation:

LCE

Log Correlation Engine

PVS

Passive Vulnerability Scanner

SecurityCenter

SSH

Secure Shell

IDS

Intrusion Detection System

SecurityCenter Administrator Functions

SecurityCenter administrators have the following responsibilities:

 Manage the configuration of each SecurityCenter organization and which networks they are allowed to scan

 Manage scan policies, custom audit files, and credentials for all organizations

 Manage the network of active Nessus scanners, the network “zones” they belong to and the networks they are

allowed to scan

 Manage the network of Passive Vulnerability Scanners and what organizations have access to their detected real-

time vulnerabilities

 Manage which Log Correlation Engines each organization has access to and what repositories the LCE will

correlate against

 Manage Log Correlation Engine Client configurations

 Delete accept and recast risk rules created by organizational users

 Manage what external data feeds (IDS information, PVS plugins, and Nessus plugins) SecurityCenter is

subscribed to

 Manage the SecurityCenter services

 Add and manage other SecurityCenter administration users

 Add and manage custom roles that are available to all organizations

 Review SecurityCenter log files and job queues

Starting/Halting SecurityCenter

When SecurityCenter is installed and licensed, the required services are started by default. To display the status of

SecurityCenter services, enter the following command as the root user on the SecurityCenter server:

# service SecurityCenter status

If SecurityCenter services are running, the following message will be displayed:

SecurityCenter (Jobd.php httpd) is running...

Otherwise, the message will state “SecurityCenter is stopped”.

To start SecurityCenter, enter the following command: