5 Replies Latest reply on Mar 31, 2012 11:08 AM by mjmurra

    Need to Add a scan engine.

      Hello Team,

       

      I am new to Mcafee VM. We have existing Foundstone 7.0.5 infrastructure with one scan engine. I have to add a additional scan engine to share the scanning load. Could someone provide me with a document with step by step process to add a scan engine to existing infrastructure.

       

      -- We have all software based VM's with no appliance.

       

      -- Also our current scan engine is running on Windows 2003 server. Can we add another scan engine on windows 2008 server base and still have both scan engine work properly in existing infrastructure ?

       

      Thanks in Advance.

      Amar Deep Singh

      Mckinsey&Company

        • 1. Re: Need to Add a scan engine.
          dmease729

          Hi Amardeep,

           

          With regards to adding a scan engine, as long as the minimum system requirements are met

          (browse to https://secure.nai.com/apps/downloads/my_products/login.asp?region=us&segment=en terprise and enter your grant number to access documentation), then all you need to do is run the Vulnerability Management executable file on the machine you want to be a scan engine, select advanced install, and only select the scan engine and scan controller components - during the remainder of the install you will be prompted to specify the IP/port details for the configuration manager and the database (DB credentials for faultline DB will also be needed).  When the install completes, you should be able to see the host listed in Foundstone Configuration Manager on your management server (whether is is automatically trusted or not will depend upon your FCM preferences, also configured from the FCM console on the management server).

           

          Hope this helps, let me know!

          • 2. Re: Need to Add a scan engine.

            Perfect Reply. Thanks a ton.

             

            -Amardeep

            • 3. Re: Need to Add a scan engine.

              I'm quite confused about this, and the documentation isn't really helping as it says multiple different things.

               

              I am planning to put a new scan engine in a [public facing] DMZ, so need to ensure I only install what is required.

               

              Can someone confirm the following:

              Scan Engine only can be installed (Is the Scan controller absolutely essential?)

              I need to open up 1433 <one way> from the scan engine to the SQL database (is this required if there is no scan controller?)

              I need to open up ports 8301, 8302, 8303 <one way> from the scan engine to the FCM server.

               

              As I said, all of the documentation I am reading says different things - very, very confusing.

              • 4. Re: Need to Add a scan engine.
                dmease729

                Hi,

                 

                Check out my post https://community.mcafee.com/message/201796 - the documentation isnt easy to follow sometimes.  Note that the 2100 appliance is a scan engine appliance, and by default has both the scan engine and scan controller, but you can just install the scan engine component itself (it can be configured to communicate with the scan controller on your current management server).  The scan controller is a relatively new component that was introduced in 6.8 - to understand the interactions, I think Jeff Haynes answered my query perfectly in the above query.

                 

                Hope this helps,

                1 of 1 people found this helpful
                • 5. Re: Need to Add a scan engine.

                  Great advice, and thanks for the link (and background). I think the change in behaviour between pre-6.8 and 7 is causing the confusion in some documentation.

                   

                  Message was edited by: mjmurra on 1/04/12 2:08:37 AM