Professional Documents
Culture Documents
Copyright 2013 Rapid7, LLC. Boston, Massachusetts, USA. All rights reserved. Rapid7 and Nexpose are trademarks of Rapid7, LLC. Other names appearing in this content may be trademarks of their respective owners.
Revision history
Revision Date
December 10, 2012 April 24, 2013
Description
Doc version 1.0. Created document. Doc version 1.1. Updated screen shots to reflect current Nexpose Web interface.
Contents
Contents ................................................................................................................................ 3 About this guide ..................................................................................................................... 4 What is the Virtual Appliance? ................................................................................................ 4 Components of the Virtual Appliance ..................................................................................... 4 Other documents and Help ..................................................................................................... 5 Document conventions ........................................................................................................... 6 For technical support .............................................................................................................. 6 Deploying the Virtual Appliance ............................................................................................. 7 Supported environments ......................................................................................................... 7 Downloading the Virtual Appliance ......................................................................................... 7 Deploying in VMware Player ................................................................................................... 8 Deploying in VMware Workstation ....................................................................................... 10 Deploying in vCenter or VMware ESX(i) ................................................................................ 12 Administering the Virtual Appliance ...................................................................................... 15 Logging onto the Security Console ........................................................................................ 16
Scan Engines perform asset discovery and vulnerability detection operations. You can deploy them outside your firewall, within your secure network perimeter, or inside your DMZ to scan any network asset. The Security Console communicates with Scan Engines to start scans and retrieve scan information. All exchanges between it and Scan Engines occur through encrypted SSL sessions over a dedicated TCP port that you can select. For better security and performance, Scan Engines do not communicate with each other; they only communicate with the Security Console.
When an asset is scanned for the first time, the Security Console creates a repository of information about that asset in its database. With each ensuing scan of the asset, the console updates the information in the repository. The Security Console includes a Web-based interface for configuring and using the application. An authorized user can log on to this interface securely using HTTPS to perform any task that his or her role permits. See the section Managing users and authentication in the administrator's guide. The authentication database is stored in an encrypted format on the console server, and passwords are never stored or transmitted in plain text. Other Security Console functions include generating user-configured reports and regularly downloading patches and other critical updates from the central update system. When you deploy the Virtual Appliance, you will operate a Security Console with a local Scan Engine.
Quick-start guide
The quick-start guide provides simple steps for running scans, viewing results, and creating reports.
Users guide
The users guide helps you to gather and distribute information about your network assets and vulnerabilities using the application. It covers the following activities:
logging onto the Security Console and familiarizing yourself with the Web interface managing vAsset discovery setting up sites and scans running scans manually viewing asset and vulnerability data creating remediation tickets using preset and custom report templates using report formats reading and interpreting report data configuring scan templates configuring other settings that affect scans and reports
Administrators guide
The administrators guide helps you to ensure that Nexpose works effectively and consistently in support of your organizations security objectives. It provides instruction for doing key administrative tasks:
configuring host systems for maximum performance planning a deployment, including determining how to distribute scan engines managing users and roles maintenance and troubleshooting
Document conventions
Words in bold are names of hypertext links and controls. Words in italics are document titles, chapter titles, and names of Web interface pages. 1. Steps of procedures are indented and are numbered.
Items in Courier font are commands, command examples, and directory paths. Items in bold Courier font are commands you enter. Variables in command examples are enclosed in box brackets. Example: [installer_file_name] Options in commands are separated by pipes. Example: $ /etc/init.d/[daemon_name] start|stop|restart Keyboard commands are bold and are enclosed in arrow brackets. Example: Press and hold <Ctrl + Delete>
NOTES, TIPS, and WARNINGS appear in the margin.
enhances a description or a procedure. provides additional details that only apply in certain cases.
TIPS provide hints, best practices, or techniques for completing a task. WARNINGS provide information about how to avoid potential loss of data or damage to data or a loss of system integrity. Throughout this document, Nexpose is referred to as the application.
Send an e-mail to support@rapid7.com (Enterprise and Express Editions only). Click the Support link on the Security Console Web interface. Go to community.rapid7.com.
Supported environments on page 7 Downloading the Virtual Appliance on page 7 Deploying in VMware Player on page 8 Deploying in VMware Workstation on page 10 Deploying in vCenter or VMware ESX(i) on page 12 Administering the Virtual Appliance on page 15
Supported environments
The Virtual Appliance is tested and supported in the following environments:
VMware Player 4.x or later VMware Workstation 8.x or later VMware vCenter 4.1 or later VMware ESX(i) 4.1 or later
3.
Locate the downloaded Virtual Appliance file, and click Open. VMware Player displays the Import Virtual Machine window.
4. 5. 6.
Optional: Rename the Virtual Appliance file name if desired. Specify the storage location for the Virtual Appliance. Click Import. The import process converts the Virtual Appliance file to a Virtual Machine Disk Format (VMDK) file. When the import process is complete, the Virtual Appliance appears on the list of available virtual machines in VMware Player.
7.
Select the Virtual Appliance, and click Play virtual machine. VMware Player displays a window with for the Virtual Appliance as it starts up.
3.
Locate the downloaded Virtual Appliance file, and click Open. VMware Workstation displays the Import Virtual Machine window.
4. 5. 6.
Optional: Rename the Virtual Appliance file name if desired. Specify the location for the Virtual Appliance once it is imported. Click Import. The import process converts the Virtual Appliance file to a Virtual Machine Disk Format (VMDK) file.
7.
When the import process is complete, select the Virtual Appliance from the list of available virtual machines in VMware Workstation.
10
8.
Click Power on this virtual machine. VMware Workstation displays a window with for the Virtual Appliance as it starts up.
11
2.
Locate the downloaded Virtual Appliance file, and click Next. The OVF Template Details panel appears for configuring Virtual Appliance settings.
3. 4. 5.
Enter a name for the Virtual Appliance. Select an inventory location, and click Next. Select a host or cluster for the Virtual Appliance, and click Next.
12
6. 7. 8. 9.
Select a resource pool, and click Next. Select a data store, and click Next. Select Thick Provision (recommended setting) for the disk format, and click Next. Select a network mapping, and click Next.
10. In the Networking Properties pane, enter network-related information for the Virtual Appliance OR If you are using network auto-configuration through DHCP, leave the fields blank, and click Next.
13
12. When the import process is complete, select the Virtual Appliance from the list of available virtual machines.
13. Click Power on. Then click the Console tab to view a window for the Virtual Appliance appears as it starts up.
14
It is strongly recommended that you change the Virtual Appliance logon password. To do so, enter the following command:
passwd
In response to the following prompts, enter your current password, enter your new password, and then re-enter the new password for confirmation. You will need the IP address of the Virtual Appliance in order to log onto to the Web interface and start performing Nexpose operations. To find out the address, run the following command:
ifconfig eth0
15
1.
Internet Explorer 7.0.x, 8.0.x, and 9.0 Mozilla Firefox 10.0.x Google Chrome
Start a Web browser. Enter the URL for the Virtual Appliance. Indicate HTTPS protocol, and specify port 3780. Example: https://10.0.0.1:3780 Your browser displays the Logon window.
2.
Enter the default user name (nxadmin) and password (nxpassword). User names and passwords are case-sensitive and non-recoverable.
Logon window
NOTE: If the logon window indicates that the Security Console is in maintenance mode, then either an error has occurred in the startup process, or a maintenance task is running. .
3. 4.
Click the Logon button. If you are a first-time user and have not yet activated your license, the Security Console displays an activation dialog box. Enter your product key. If you do not have a product key, click the link to request a key for the Community Edition. Doing so will open a page on the Rapid7 Web site, where you can register to receive a key by e-mail. OR Go to the Rapid7 Web site (rapid7.com) to request evaluation versions of other Nexpose editions, such as Enterprise Edition.
16
After you receive the product key, log on again and enter the product key in the activation window.
NOTE: If the Security Console displays a warning that authentication services are unavailable, and your network uses an external authentication source, have your Global Administrator verify that the source is online and correctly configured. .
5. 6.
Click Activate to complete this step. The Security Console displays the Home page. Click the Help link on any page of the Web interface for information on how to use the application.
The first time you log on, you will see the News page, which lists all updates and improvements in the installed system, including new vulnerability checks. If you do not wish to see this page every time you log on after an update, clear the check box for automatically displaying this page after every logon. You can view the News page by clicking the News link that appears near the top right corner of every page of the console interface. After you log on, youre ready to start using the Virtual Appliance. For simple steps to get started with scanning and running reports, download the quick-start guide by clicking the Support link that appears on any page of the Web interface. For more detailed instructions, download the users guide from the Support page, or click Help.
17