Configuring Workstations for Automated Collections

This section provides orientation on some of the main configurations necessary in the technology assets so that they are compatible with the collection service, as well as troubleshooting information for the most common issues related to it.

For details on automated collections, see Chapter 17: Administration -> Settings -> Collector Servers.

Access to the port for each service whose configurations will be verified is required for the risk evaluation to be successful, since the collection service (modSIC) makes remote connections during collections in assets. The table below indicates the services used by modSIC to connect to assets according to the type of knowledge base.

 

Knowledge Base Type

Privileges

Windows

The WMI, Administrative Share, and RPC services must be enabled.

Unix family

The SSH service must be enabled. The user can select any port for connection before the collection is requested.

SQL database

The remote TCP connection should be enabled and the user should have a connection string with the appropriate credentials.

 

In the case of an Oracle database, Oracle 11g Client must be installed on the server where the collector service (modSIC) is running. The remote TCP connection should be enabled and the user should have the connection string with the appropriate credentials.

Cisco iOS

The telnet service must be enabled and listening to port 23.

 

Before requesting a collection in risk projects, the connection between these services (WMI, SSH and telnet) and modSIC can be tested. For details, see Chapter 5: Risk -> Risk Management Projects -> Risk: the Analysis Phase -> How to Request Remote Automated Collections.