Accessing the interface
Use this procedure to access the TrueSight Vulnerability Management interface. To log on to the product, your domain must already be registered to use TrueSight Vulnerability Management.
Any user who belongs to an existing security group can use their endpoint manager credentials to log on. For example, if you belong to a role in TrueSight Server Automationand that role has been converted to a security group in TrueSight Vulnerability Management, you can use your TrueSight Server Automation credentials to log on.
The initial logon must be performed by a user from the BLAdmins role in TrueSight Server Automation, a user with rights to the Default realm in TrueSight Network Automation, or the Administrator role in SCCM. The user authenticates with the credentials that were specified during installation. Typically, in TrueSight Server Automation, this user is BLAdmin or a user belonging to a role granted permissions equivalent to BLAdmins. For TrueSight Network Automation, the initial user is typically sysadmin, and for SCCM, the initial user is Administrator. The initial user's role or realm is configured to be the default security group for administrators.
In version 3.1, TrueSight Vulnerability Management introduces support for PKI authentication. To enable PKI authentication, additional configuration is necessary. When that configuration is complete, the user interactions for accessing the portal are different than for other forms of authentication, as described in To access the portal using PKI authentication. PKI is only supported for a TrueSight Server Automation site; it is not supported for other site types.
Important
Starting from version 3.0.01, services for all three deployment types, database, Elasticsearch, and application, are started automatically when you restart the nodes.
This topic includes the following sections:
To access the interface
Using any supported browser, open a login dialog box by accessing this URL:
https://serverName:portNo
serverName is the fully qualified name of the server hosting TrueSight Vulnerability Management. portNo is port number on which you want to access the application. The default is 8443.
The Login dialog box shows the user types depending on the number and type of connectors you have set up during the installation process.Select a User Type based on the type of endpoint manager you will be using.
For example, select Server Automation User (when connecting to TrueSight Server Automation) or Microsoft SCCM User (when connecting to Microsoft Service Center Configuration Manager).
The login dialog provides different options depending on what you select.
Provide the following information:
If you are logging in as a Server Automation user:
Option Description Username Enter the user name you use to access TrueSight Server Automation.
Note
If you use domain authentication to access TrueSight Server Automation and your organization has not defined a default domain, your user ID must include domain information. Enter the domain by using the following format:
UserName@sub1.dev.mycompany.com
where sub1.dev.mycompany.com is a fully qualified domain name.
Password Enter the password you use to access TrueSight Server Automation.
Authentication Method Select one of the following approaches to authentication:
Secure Remote Password—Users authenticate against a registry of authorized users maintained in the central TrueSight Server Automation database. User information is derived from the RBAC utility in TrueSight Server Automation. For more details, see Secure remote password authentication in the documentation for TrueSight Server Automation.
Domain Authentication—Users authenticate by providing a name, domain, and password. For more details, see Domain authentication in the documentation for TrueSight Server Automation.
RSA SecurID—Users authenticate by providing a user name and passcode. The passcode consists of a PIN and the current token code, which is obtained from an RSA SecurID token. For more details, see RSA SecurID authentication in the documentation for TrueSight Server Automation.
LDAP Authentication—Users authenticate by providing an LDAP distinguished name and password. For more details, see Lightweight Directory Access Protocol authentication in the documentation for TrueSight Server Automation.If you are logging in as a Network Automation user:
Option Description Username Enter the user name you use to access TrueSight Network Automation.
Password Enter the password you use to access TrueSight Network Automation.
If you are logging in as an SCCM user:
Option Description Username Enter the user name you use to access SCCM.
Password Enter the password you use to access SCCM. Authentication is based on the SCCM default approach—Active Directory authentication.
Click LOGIN.
The home page opens.
To access the interface using PKI authentication
Note
Some system configuration is required to enable PKI authentication. See Configuring for PKI authentication for details.
Note
To use PKI authentication, you must import a valid client certificate into your browser or you must be using the browser on a computer that is configured for a smart card logon.
Using any supported browser, open a login dialog box by accessing this URL:
https://serverName:portNo
serverName is the fully qualified name of the server hosting TrueSight Vulnerability Management. portNo is port number on which you want to access the application. The default is 8443.
If you have not already selected a certificate, you are prompted to select one. Choose the certificate that applies to TrueSight Vulnerability Management.
If the certificate requires a PIN, enter the PIN ans click OK.
If PKI is implemented, users attempting to log in are presented with the login dialog box for PKI. They cannot log in using other forms of authentication other than PKI.- Click LOGIN.
An information dialog box appears. You can customize the text in this dialog box with the required information that you want to provide to the TrueSight Vulnerability Management users. - Click OK.
The home page opens.
Where to go next
After logging on, the first task in the process of managing vulnerabilities is to import scan files.
Comments
Log in or register to comment.