3.1 enhancements

This topic provides an overview of the enhancements in version 3.1 of TrueSight Vulnerability Management.

Change Automation

Vulnerability Management now supports the operator-initiated Change Automation for the following endpoint managers:

  • TrueSight Server Automation

  • TrueSight Network Automation
  • Microsoft System Center Configuration Manager (SCCM)

In earlier versions, endpoint managers are responsible for creating and tracking the change ticket in the change management system (such as BMC Remedy IT Service Management). In version 3.1, Vulnerability Management creates and tracks the change request, thus eliminating the dependency on the endpoint managers. For more information about Change Automation, see Change Automation.


Integration with the Nessus scanner

Vulnerability Management version 3.1 supports direct integration with the Nessus scanner. This integration allows you to download and import vulnerability scans from the Nessus server automatically, without any need for exporting the scans from Nessus or manually importing the scans into Vulnerability Management. After successful import, assets and vulnerabilities are mapped automatically. For more information, see Integrating with Nessus scanner.


PKI authentication

Vulnerability Management version 3.1 supports the use of public key infrastructure (PKI) to authenticate users who present the common access card (CAC) or who have imported a valid client certificate into their browser. To enable PKI authentication, you need to configure Vulnerability Management.

After PKI is enabled, when you log onto Vulnerability Management, you only need to choose a Vulnerability Management site that is configured for PKI and enter a PIN if your certificate requires one. No user ID and password are necessary.


Configuring Data Refresh interval

In version 3.1, you can configure the interval at which vulnerability data of an endpoint manager should be regularly updated in Vulnerability Management. The default interval is 60 minutes. For more information, see Configuring a Data Refresh profile.


Support for version 6.8.0 of Elasticsearch

Vulnerability Management version 3.1 uses Elasticsearch version 6.8.0, which supports authentication by default, hence your Elasticsearch deployment is secured. You can disable the authentication if needed. For more information, see Configuring authentication for Elasticsearch.


Third-party software support

Vulnerability Management version 3.1 is bundled with the following third-party software:

  • AdoptOpenJDK 11.0.2+9
  • Apache Tomcat web server 9.0.19
  • Alpine Linux 3.9.2


Product requirements and compatibility

This section lists the endpoint manager requirements and other BMC product requirements with which Vulnerability Management is integrated.

Endpoint manager requirements

When connecting TrueSight Vulnerability Management to TrueSight Server Automation, TrueSight Network Automation, or SCCM, the following versions of endpoint managers are supported.


Endpoint managerSupported versions
TrueSight Server Automation

20.02
8.9.04.001
 
8.9.04 
8.9.03

TrueSight Network Automation

20.02
8.9.04.001
8.9.04
8.9.03

SCCMMicrosoft System Center 2017 Configuration Manager
  • Console version 5.0.8498.1700
  • Site version 5.0.8498.1000
  • Microsoft System Center 2016 Configuration Manager
    • Console version 5.0.8412.1313
    • Site version 5.0.8412.1000
  • Microsoft System Center 2012 Configuration Manager SP2
    • Console version 5.0.8239.1000
    • Site version 5.0.8239.1000
  • All supported versions of SCCM have the following additional requirements:

Compatibility with other BMC products

Some features of Vulnerability Management version 3.1 work in conjunction with other BMC products and versions, as listed in the following table.

ProductVersion
BMC Discovery11.3
TrueSight Orchestration Platform

8.2,
8.1

TrueSight Orchestration Content

20.19.01 Patch 1,
20.18.01 + 20.19.01 Patch 1

BMC Remedy IT Service Management

9.1.03 - 19.02


Downloading, installing, and upgrading

For installation instructions, see Downloading the installation files and Installing.

You can upgrade to version 3.1 from the following versions. For instructions, see Upgrading.

  • 3.0
  • 3.0.01
  • 3.0.01.001

Related topic

Known and corrected issues

Was this page helpful? Yes No Submitting... Thank you

Comments