System requirements
Before you install the product, ensure that your environment meets the hardware and software requirements listed in the following sections:
Third-party software
TrueSight Vulnerability Management is bundled with the following third-party software:
Product version | Elasticsearch version | PostgreSQL version | Java version | Apache Tomcat web server version | Docker Container Operating System |
---|---|---|---|---|---|
3.1 | 6.8.0 | 10.3.2 | AdoptOpenJDK 11.0.2+9 | 9.0.19 | Alpine Linux 3.9.2 |
Docker requirements and supported operating systems
TrueSight Vulnerability Management supports Docker on the following operating systems:
- Red Hat Enterprise Linux 7.x
- CentOS 7.x
TrueSight Vulnerability Management requires the following version of Docker:
Utility | Version |
---|---|
docker | 1.13.1 or later (Docker CE) |
docker-compose | 1.19.0 |
Python and Python module requirements
TrueSight Vulnerability Management requires version 2.7.x of Python.
You can use the pip utility version 9.0.1 or later to install the following Python modules:
Module | Version |
---|---|
docker | 2.7.0 |
docker-compose | 1.19.0 |
PyYAML | 3.12 |
setuptools | 0.9.8 |
netifaces | 0.10.7 |
netaddr | 0.7.19 |
docker-pycreds | 0.2.2 |
Database requirements
TrueSight Vulnerability Management supports PostgreSQL version 10.3.2. You can install the database either by using the executables provided on the BMC Electronic Product Distribution (EPD) site, or you can use an existing, external PostgerSQL installation for the TrueSight Vulnerability Management application.
The following table describes the requirements and recommendations for a PostgreSQL database that you can use for optimal performance.
Configuration item | Recommendation/ Requirement |
---|---|
Users, Roles |
|
Password | Database password cannot contain any special character, such as question mark (?). |
Schema and Tablespaces |
|
Libraries | Install the libraries required for an external PostgreSQL instance using the following command: yum install postgresql11-server postgresql11-contrib |
Client Authentication | Make sure all TrueSight Vulnerability Management server computer can access the database server by allowing access to the pg_hba.conf file. |
Instance parameters | BMC recommends adding or updating the following parameters in the configuration of the database server in the postgresql.conf or equivalent file. After you change these values, you need to restart the database server. listen_addresses = '*' |
Product requirements and compatibility
This section lists the endpoint manager requirements and other BMC product requirements with which Vulnerability Management is integrated.
Endpoint manager requirements
When connecting TrueSight Vulnerability Management to TrueSight Server Automation, TrueSight Network Automation, or SCCM, the following versions of endpoint managers are supported.
Endpoint manager | Supported versions |
---|---|
TrueSight Server Automation | |
TrueSight Network Automation | |
SCCM | Microsoft System Center 2017 Configuration Manager
|
Supported target platforms for mapping of vulnerabilities
TrueSight Vulnerability Management supports different target platforms depending the type of endpoint manager you are using, as listed in the following table.
Endpoint manager | Supported target platforms |
---|---|
TrueSight Server Automation |
For other platforms, only manual mapping of vulnerabilities is permitted. Keep in mind that you cannot perform manual mapping that involves patch catalogs. |
TrueSight Network Automation | Any device supported by TrueSight Network Automation can be the target of remediation as long as remediation rules have been created for that device. |
SCCM | Auto-mapping and manual mapping are supported for the latest software updates supported by Windows. Manual mapping is supported for applications and application packages. |
SCCM requirements
Server running the connector for SCCM must meet the following requirements.
Configuration | Required Value |
---|---|
Operating System | Microsoft Windows 2012 R2 |
CPUs | 4 |
Available memory | 16 GB |
Disk space | 20 GB free space |
Java | AdoptOpenJDK 11.0.2 |
Communication requirements |
|
Active Directory domain |
|
Compatibility with other BMC products
Some features of TrueSight Vulnerability Management work in conjunction with other BMC products and versions, as listed in the following table.
Product | Version |
---|---|
BMC Discovery | |
TrueSight Orchestration Platform | |
TrueSight Orchestration Content | |
BMC Remedy IT Service Management |
Port requirements
Port | Protocol | Configured on | User can choose port number? | Firewall exception needed? | Description |
---|---|---|---|---|---|
8443 | TCP | Host containing the TrueSight Vulnerability Management application installation | Yes (at the time of installation) | Yes | Secure port used to access the TrueSight Vulnerability Management application using HTTPS |
5000 | TCP | Host containing the TrueSight Vulnerability Management application installation | Yes (at the time of installation) | Yes | Port used for communication with the Docker repository |
9443 | TCP | Host containing the TrueSight Vulnerability Management application installation | Yes (at the time of installation) | Yes | Port used for the WorkManager communication |
5432 | Host containing the database installation | Yes (at the time of installation) | Yes | Port used by the database (PostgreSQL) for communication | |
9200 | HTTP | Host containing the Elasticsearch installation | Yes (at the time of installation) | Yes | Port used for monitoring the Elasticsearch server. After installation, you can disable HTTP traffic with the Elasticsearch server if an open HTTP port is a security concern. |
9300 | TCP | Host containing the Elasticsearch installation | Yes (at the time of installation) | Yes | Port used for required transport layer traffic with the Elasticsearch server. |
Supported browsers for accessing TrueSight Vulnerability Management
- Google Chrome 71 or later
- Mozilla Firefox 67 or later
Minimum resolution
The minimum monitor resolution that TrueSight Vulnerability Management supports is 1280 x 1024.
Where to go next
After ensuring that minimum requirements are met, you are ready to install the product.