Accessing and navigating the interface for using with TrueSight Network Automation

Starting 21.02.01, TrueSight Automation Console also supports TrueSight Network Automation as an endpoint manager.

To manage vulnerabilities on the network devices in your environment, you must log on to TrueSight Automation Console using a URL and user profile specific to TrueSight Network Automation. 

Accessing TrueSight Automation Console

1. From a supported browser, enter the following URL to access the console:
   https://<FullyQualifiedDomainHostName>:<portnumber>/tsna/login
2. Enter a username and password.
   You are now on the Vulnerability Dashboard page. 

Overview of the interface

TrueSight Automation Console offers role-based access to the application. The interface is accessible and the user can perform tasks based on the service account or user role. 

Vulnerability Dashboard

When you log on, you land on the Vulnerability Dashboard page. This dashboard offers a holistic view about the vulnerabilities identified on the devices that are imported from a scan file.

Each widget on the dashboard provides additional metrics such as the number of mapped versus unmapped vulnerabilities (Vulnerabilities widget), the vulnerability risk distribution by service level agreements (SLA) (SLA Distribution by), remediation stages (Vulnerabilities by Stage), or the overall distribution (Risk Distribution by). The dashboard also offers a 13 week trend graph for the number of open versus resolved vulnerabilities (Vulnerability Trend). Other widgets on the interface provide metrics about the top 10 vulnerabilities and the top 10 risk owners as of the last data collection interval. 

Configuration

An administrator has access to all the pages on the UI. An operator can access all the pages except the Configuration page. 

The Configuration > SLA page allows you to define the service level agreements (SLA) that decide the period within which the vulnerabilities need to be remediated. 

The  Configuration > Security Groups page lists the user roles that inherit permissions to access the application based on realms. 

Manage

To manage risks, you start with importing a scan file in TrueSight Automation Console. The Manage > Import page shows the list of scan files imported in the application. TrueSight Automation Console support scanning tools such as Nessus, Qualys, and Rapid7. 

Assets

When you connect to TrueSight Network Automation, all devices available in the application appear in the Managed Assets page. When you import a scan file, the network devices in the file are displayed on the Assets > Scanned Assets page.

Risks

The vulnerabilities from the scan file appear on the Risks > Vulnerabilities page, which contains information such as the vulnerability name, CVE IDs, severity, status, remediation, and impacted assets against each vulnerability. If you expand a vulnerability, additional details for each asset are displayed. 

Operations

The Operations page shows a list of operations, which perform remediation actions for resolving vulnerabilities on the specified assets. 

Common UI elements

Apart from the horizontal menu, there are some common UI elements that enable you to perform miscellaneous actions in the application. 

• Click  to launch the Manage Connectors page. You can edit, update, and delete a connector from this page. Only administrators can manage connectors. 
• Click the help icon  to launch the context-sensitive help.
• Click Security Group > About to view the product name and version.

Where to go next

To start with managing risks for network assets, you must import a scan file in Automation Console. For more information, see Working-with-scans.