HomeSolutionsProductsSupportServicesTrainingPartnersCompanyContact     


assuriaONLINE Customer and Partner resources Logon / register
     


Assuria Auditor

Assuria Auditor RA

Assuria Information Manager

Regulatory compliance

CVSS and Assuria Auditor

Browser Web Interface

Assuria Auditor WorkBench

OVAL Compatibility

Assuria and HP

Release history

Supported platforms

System requirements

AssuriaOnline download centre

Assuria Auditor RA (Remote Adapter)

The Assuria Auditor RA (Remote Adapter) technology enables remote agent-less scanning by Assuria Auditor. Integrated with the Assuria Auditor, RA uses the same database, checks, policies and reporting as the current Assuria Auditor agents. 

Scanning support is available for Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 and Windows 7, Red Hat Enterprise Linux 5 and SuSE Enterprise Linux (SLES) systems.  RA can scan other Microsoft Windows platforms, including Windows 2000 and Windows Vista*.   Full support for Sun Solaris, HP HP-UX and IBM AIX is being introduced during 2010.

Assuria Auditor RA Summary

  • Remote agent-less credentialed internal host scanning

  • Provides Policy compliance, Configuration Assurance and Vulnerability Assessment capabilities

  • Dedicated User Interface for Remote Adapter

  • Integrated, optional component of Assuria Auditor

  • Uses current Assuria Auditor knowledge base

  • Uses current Assuria Auditor Checks and Policies

  • Results stored in Assuria Auditor Console database

  • Produces integrated Assuria Auditor Reports

  • Assuria communications protocol using WMI / SSH

Figure – Assuria Auditor – Architecture

Assuria RA performs internal scanning and uses securely stored credentials to login to the target host or hosts, once logged-in the RA software can obtain ‘host-based’ system data as if it were resident on the system and running as privileged user.

The RA dedicated user interface component is installed and runs alongside the Assuria Auditor Console. RA has a plug-in architecture that allows Assuria to easily add extra functionality.

 

Assuria Auditor RA user interface provides facilities to:

  • Create and manage Credential Stores to securely store credentials required to access the target hosts.

  • Add hosts or system to be scanned

  • Create sessions. A session is a mapping of Assuria Auditor Policies to target hosts.

  • Run sessions. Scan configured hosts or target systems.

  • Monitor and view session progress

Figure – Assuria Auditor Remote Adapter User Interface

The Hosts and are configured via the User Interface with the name and / or IP address of each host. Hosts can be grouped into arbitrary groups for simpler management of similar systems.  Credentials held in the credential store can be associated with a single Host, any number of Hosts or groups of Hosts.

Assuria Auditor RA requires credentials for login and authentication by the remote host this is usernames and passwords.  Ideally the credentials should give ‘administrator’ access to the host(s) to be scanned.  Running with lower privilege may result in some checks not being able to obtain all the information required to fully function.

Assuria Auditor RA manages the credentials according to the security requirements below:

  • Credentials are never transmitted unencrypted.

  • The ability to use a credential can be restricted to certain individuals.

  • A credential can be used without the users being able to decrypt the credential. (This lets security personnel run scans using, e.g. a ‘superuser’ password supplied by a system administrator, without the person running the scan knowing the password.)

Assuria Auditor RA scan Policies and Checks are identical to those used by the Assuria Auditor resident agents.  Assuria Auditor today has consistent cross platform policy and check naming; this is extended to Remote Adapter. Where functionality is implemented that is unique to the Remote Adapter then unique Remote Adapter names are used. 

The scan results from checks and policies run via RA are imported into the Assuria Auditor database and all Assuria Auditor reports are available. Reports combining both RA and agent based scan results can be produced.

The Assuria Auditor policies supported in Assuria Auditor RA are:

  • Initial-All

  • Initial-1

  • Initial-2

  • Initial-3

  • Initial-4

  • Initial-5

  • Maintenance-All

  • Maintenance-1

  • Maintenance-2

  • Maintenance-3

  • Maintenance-4

  • Maintenance-5

  • SANS_Top_20

  • accountPolicy

  • auditPolicy

  • event-logs

  • logon-settings

  • p2p

  • privileges

  • user-Checks

  • versionChecks

Later releases will provide full support scanning  UNIX (AIX, HP-UX and Solaris).

 

*Assuria Auditor RA can scan Windows 2000 and Windows Vista however a few checks  may return incorrect information. (Applies to Release June 2010) 

 

05/08/2010

© Copyright Assuria Limited 2010.  All rights reserved
Assuria, Assuria Auditor, Assuria Log manager are trademarks of Assuria Limited.
 Legal notice | Site map | Contact Assuria