Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

DRAFT

Introduction

Security Analysis Solution (SAS) expects connectivity to various locations on the Internet to the configuration information it uses. If you have a SMP server (Notification Server) that does not have access to internet then by default SAS will not function. This document describes a manual procedure to get your system up and running for this "off-internet" scenario.

Errors during Initial Configuration

When installing SAS using SIM, the initial configuration starts a number of download tasks. These will fail causing errors in log such as the following:

Source: Arellia.SMP.SecurityAnalysis.Resources.ScapContentResource.DownloadFromSource
Description: Exception downloading file C:\ProgramData\Arellia\ScapContent\nvdcve-2.0-2002-2006_NVD CVE v2.0 - 2002-2006 (98a6f6d7-aa55-4536-be45-86de0725726e)\nvdcve-2.0-2002-2006.zip from http://portal.arellia.com/data/scap/nvdcve-2.0-2002-2006.zip.

( Exception Details: System.Net.WebException: The remote name could not be resolved: 'portal.arellia.com'
at System.Net.WebClient.DownloadFile(Uri address, String fileName)
at Arellia.SMP.SecurityAnalysis.Resources.ScapContentResource.DownloadFromSource() )

Source: Arellia.SMP.SecurityAnalysis.TaskManagement.ServerTasks.ImportScapContentDataSources.OnExecute
Description: Exception caught in task Register: MITRE Oval Definitions - Recently Modified (721d1095-5241-4a2d-992f-6745a0f1f739) processing resource MITRE Oval Definitions - Recently Modified (1fe03854-1fcf-4e53-94a7-ea56e132f4e9)

( Exception Details: System.Exception: Exception downloading file C:\ProgramData\Arellia\ScapContent\MITRE-Oval-Definitions-Recently-Modified_MITRE Oval Definitions - Recently Modified (1fe03854-1fcf-4e53-94a7-ea56e132f4e9)\MITRE-Oval-Definitions-Recently-Modified.xml from http://oval.mitre.org/repository/data/LatestDefinitionDownload?type=modified&Range=DAY0_TO_7&Class=0. ---> System.Net.WebException: The remote name could not be resolved: 'oval.mitre.org'

The Checklist

Running the console and choosing the Profiles tab will take you to the Download Profiles view. It will look like the following:

Copy arellia-checklist-1.3.xml to %ProgramData%\Arellia\ScapChecklists and choose Try Again and you'll then see the list of available checklists. This page when "off-internet" is only useful in that it shows you the URLs of the profile content you can take note of and use on a system having internet access to download various zip and xml files. See later under "Importing Profiles".

Default Content

There are a number of default SCAP Data Sources that are registered by default. You need to source these on a system with internet access, copy them to correct folders on the SMP server, and re-run the registration tasks (that failed during initial configuration as described above).

  • Copy the set of default scap content files keeping the directory structure to %ProgramData%\Arellia\ScapContent.

    To add info on how to source the default set of content. Do we provide it or do we ask that the customer copy from a another system they may have been testing or evaluating on. To discuss.

  • Re-run each of the "Register: XXX tasks" by right clicking on each of the failed task runs and choosing Start Now. There are 10 of these tasks to run. See the following screen shot showing where these tasks can be found.

Importing Profiles

The download profiles page shows the links but they will fail to import. You need to perform the downloads on a system that does have internet access and then copy the downloaded files to a location accessible from your Arellia Console. Once the files are available you then use the Import Profile action on the Profiles tab (bottom left). Choose the profile content file and import.

  • Work is in progress to make a view available from on online portal that shows the same links. Or you can go direct to the various official sites. (links to be provided).
  • To set expectations - profile imports can take a while, whether connected to the internet or not - on the order of an hour for a handful of profiles.
  • No labels