656 Views 4 Replies Latest reply: Jul 17, 2013 10:29 AM by tcorrea
tcorrea Newcomer 21 posts since
Sep 24, 2012

Jun 12, 2013 2:55 PM

Net Scan through a Firewall with MVM 7.x

Hello, we need to know if McAfee Foundstone (Vulnerability Manager) 7.0 and/or 7.5 (7.x) Standalone can scan a net outside of it, passing through a firewall, like that.

 

Regards,

Tomas Correa.


Tomas Correa M.
Support Engineer.
NovaRed.

  • jhaynes Community Leader 224 posts since
    Nov 3, 2009
    1. Jun 13, 2013 3:40 PM (in response to tcorrea)
    Re: Net Scan through a Firewall with MVM 7.x

    We don't recommend it but yes we can scan through a firewall as long as the firewall is configured to pass all traffic.

     

    Jeff Haynes

    Manager WW Tier III Support Risk & Compliance

    Security Management Business Unit

  • nielsensan Newcomer 1 posts since
    Jun 6, 2013
    2. Jul 1, 2013 6:59 AM (in response to tcorrea)
    Re: Net Scan through a Firewall with MVM 7.x

    We are using MVM 7.5 to scan through firewalls - it works as expected.

    The firewall needs to be configured so that MVM traffic is allowed "unaltered" (no proxy or NAT).

    It will work if you do as jhaynes proposes to "allow all traffic" - but to me it's a bit drastic.

    Our setup works with only the ports listed in the KB below opened.

    https://kc.mcafee.com/corporate/index?page=content&id=KB50834

    To check if things are set up correctly in the firewall, just try to do a quick asset scan.

    If MVM returns assets on all IP addresses and maybe two assets for "live" addresses, you have not configured the firewall correctly.

    BTW we are using McAfee Enterprise firewall.

     

    Regards

     

    Michael Nielsen

    Security Architect

    Atea A/S

  • John M Sopp The Place at McAfee Member 88 posts since
    Nov 17, 2009
    3. Jul 1, 2013 9:36 AM (in response to nielsensan)
    Re: Net Scan through a Firewall with MVM 7.x

    Agreed... scanning through firewalls will work, but there are circumstances where it's a bad idea.

    I've scanned successfully for years without issue, until a service running as part of an application misbehaved when it received a UDP packet.

    So yes, the service was buggy, but it caused a continuous traffic loop with one of my scan appliances on the other side of a firewall, which in turn caused a state table to fill up in the firewall, which exhausted firewall resources and began causing some issues with other apps.

    I'm looking to get a new appliance for the other side of the firewall to avoid this... at least where there are a lot of hosts on "the other side".
