cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
loewi
Level 7
Report Inappropriate Content
Message 1 of 3

Question: Firewall Configuration for external Web Application Scans

Hi everybody,

I'm new to this community and I also do not have a lot of experience with the McAfee VM so please excuse my questions.

I want to implement the following scenario:

A Vulnerability Manager Scan Engine (appliance) should be placed in the internet and this scan engine should scan our web applications for vulnerabilities (we want to get the view like an prospective attacker will get when he tries to scan/attack our web applications). This Scan Engine should report the results of the scans to an internal Vulnerability Manager. The web application scan activities should be controlled centrally with the internal vulnerability Manager.

*) Is it possible to implement such a scenario in a secure way?

*) Which ports will be used by the external scan engine to transfer the result to the internal vulnerability manager?

*) Will all the result from the external scanner be transfered via a secured channel to the internal VM?

Thanks for your help in advance!

Kind Regards,

Wolfgang

2 Replies
dmease729
Level 11
Report Inappropriate Content
Message 2 of 3

Re: Question: Firewall Configuration for external Web Application Scans

Hi Wolfgang,

Ports required depends on exactly what components you have installed on the servers in question.  To understand how all components interact, and the ports required, refer to the best practises guide here: http://b2b-download.mcafee.com/products/evaluation/mcafee_risk_compliance/v7.5/manuals/mvm750_best_p...

As far as I recall, not all communication is secure, but I would need to go back to review this myself.  Where will the scan engine be placed - is it a remote data centre?  somebodys house?

Hope this helps,

loewi
Level 7
Report Inappropriate Content
Message 3 of 3

Re: Question: Firewall Configuration for external Web Application Scans

Hi,

Thanks for your answer and for providing me the best practice guide. The scan Engine will be placed in our datacenter but before the firewall and should report the result to an internal Vulnerability Manager(and scan controller, located behind the firewall). The scan engine  should our web application and should provide an attacker's view to our webapplication.

Is it enough to open port 3803 and 443 or are there any other ports necessary?

Kind Regards,

Wolfgang

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community