Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 70 Next »

Weekly Group Onboarding Sessions

Join our weekly group onboarding sessions led by our consulting team.

Tap the image below or visit http://www.connectsecure.com/onboarding

image-20240409-134634.png

V4 Agent Prerequisites

We have a dedicated page with the V4 agent prerequisites for a smooth-running ConnectSecure agent and portal. This includes the Ports, IPs, Domain, and general whitelisting information. Please refer to this page before completing your onboarding: V4 Agent Prerequisites


Accessing ConnectSecure V4

The ConnectSecure portal is found here:

https://portal.myconnectsecure.com/sign-in

If you have an account created but are having trouble logging in, please check out our user password and MFA reset guide; tap the link below.

https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2111111353/V4+User+Management+and+Security#Reset-Password-%2F-MFA


Onboarding Check List Table of Contents


Setup Users and Security

CS-How-To.png
  • Review our User Management and Security Guide here: https://cybercns.atlassian.net/wiki/x/uQDVfQ
  • You can review your user account details in the User Avatar > Profile section, where you can add additional Password and Security options.
image-20240502-201855.png

Configure Global Settings

Global Settings apply to all companies in your portal and auto-apply to any new ones created.

Navigate to Global > Settings > Global Settings and review the options.

While most of the default options will suffice, reviewing each one is important to become familiar with what's available and set by default.

We recommend you check at least the following global default settings:

See the full Global Settings documentation here: https://cybercns.atlassian.net/wiki/x/uICUgQ


Configure Global Scheduler

The Global Scheduler is where you can configure automatic jobs for Scans, Patching, and Reporting. Remember, you can also configure the Company Scheduler for company-level jobs if you do not want it globally.

image-20240627-173212.png

Scan Scheduler

  • Configure Global Scan Scheduler

Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2102198449/Global+Scheduler#Scan-Scheduler

Below is a sample scan recommendation.

Automated Scan Schedule Recommendations

Scan Job Name

Scan Type

Frequency

Target Time

Agent Type

Daily Full Scan - All Companies

(Includes Active Directory, Compliance, Firewall, and Network Scans)

Full Scan

Once Per Day

During business hours, we want assets to be online for scanning

Probe

Daily ASM Scan - All Companies

Attack Surface Mapper

Once Per Day

After hours, any time

Non-Agent Scan

Daily External Scan - All Companies

External Scan

Once Per Day

After hours, any time

Non-Agent Scan

Daily Compliance Scan - All Companies

(Only needed if you are not using the Probe - Full Scan option)

Compliance

Once Per Day

During business hours, we want assets to be online for scanning

Lightweight or Probe Agent

NOTE: The lightweight agent scan interval is configured under the Global Settings or Company Settings menu; the LWA scan type is unavailable in the scheduler.


Patch Scheduler

  • Configure Global Patch Scheduler

Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2102198449/Global+Scheduler#Patch-Scheduler

NOTE: You may consider not configuring Patch Scheduler globally but on a per-company basis. The Company vs Global Scheduler can be used to balance these requirements.


Report Scheduler

  • Configure Global Report Scheduler

Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2102198449/Global+Scheduler#Report-Scheduler

Automated Report Schedule Recommendations

Report Schedule Name

Report Type

Frequency

Monthly Assessment Report - All Companies

PDF

Monthly

Monthly Executive Summary Report - All Companies

PDF

Monthly

Monthly Remediation Plan Report - All Companies

PDF

Monthly

Monthly Security Report Card Report - All Companies

Word

Monthly

Monthly Vulnerability Overview Report - All Companies

Word

Monthly

Weekly All Vulnerabilities Report - All Companies

Excel

Weekly


Company Management

Companies can be created manually in the portal (Local), or imported from one of the support PSA Integrations using the import options.

Add Local Company

  • Add Local Company

Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/x/DQB0gQ

Add Company

Configure Company Settings

  • Review and Update Company Settings

NOTE: Setting a value in the Company Settings will override the Global Settings. When adding a new Company to the ConnectSecure portal, it is recommended to confirm the Company Settings for any needed overrides or changes based on what is inherited from the Global Settings.

Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/x/74qfgQ

Company Settings

Configure Company Discovery

  • Review and Update Company Discovery

The Discovery section stores the company's Discovery Settings and Credentials. These settings are necessary to create a probe agent and are used by the agent to determine which network(s) or IP addresses it will scan. Additionally, the agent may use these credentials to access the network and obtain additional information.

Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2102919235/Company+Agents#Discovery

Company Discovery

Configure Company External Asset(s)

  • Review and Update Company External Asset Configurations

You must set up the company-level External Assets > Configurations so ConnectSecure agent(s) know what and where to scan externally.

We recommend adding your client's public domain/website (IE: xyz.com) and any public-facing IP addressing (Static IP or Range).

image-20240502-212404.png

Refer to our KB for additional information and setup help: Company External Assets

External Scanning

Configure Company Scheduler

Review and update Company Scheduler options. If you have configured the Global Scheduler, you will see those options in the Company Scheduler window, as shown below. You may consider not setting a company-level schedule if you have it covered by the global.

NOTE: You can view any inherited Global options within the company scheduler under ‘Is Global’

image-20240502-213525.png

Agent Deployment

  • Prepare Company Agent Install Package
  1. Select a company

  2. Navigate to Overview > Agents

  3. Tap on the download Agent icon

image-20240509-211941.png

Refer to our KB for additional information and setup help: https://cybercns.atlassian.net/wiki/x/y4BffQ

CS-How-To.png

To use the Probe Agent, you must map the Discovery Settings and Credentials section; tap below for the guide on converting a lightweight agent to a probe.

CS-How-To.png

Review Scan Results

Now that we have configured all our settings and deployed agents, data should flow into our Assets, Vulnerabilities, Compliance, Active Directory, and PII modules where applicable.

image-20240509-213119.png
  • All Assets = All the assets installed with a lightweight/probe agent and any IP-based asset discovered during the probe's asset discovery scan. No probe would mean all assets are from LWA. Tap through the Asset Details screen to browse all the data collected from the asset. Below are some key areas to review.
    • Problems - review the Problems to see all discovered vulnerabilities
    • Solutions - review the Solutions to see the remediation plan for the asset
    • Security Report Card - review to see security posture details
    • Compliance Report card - review to see compliance checks based on OS configuration
image-20240510-204326.png
  • Firewalls = Firewall assets authenticated by Discovery Credentials will be shown here; if you do not provide credentials, no firewalls will display.
image-20240509-215859.pngCS-How-To.png
  • Other Assets = Probe discovered assets not supported for vulnerability scanning; these assets are not counted towards your billable devices.
  • Problems = Vulnerabilities. Instead of just dumping a list of CVEs, we classify them into our problem group categories; check our KB for the full listing: https://cybercns.atlassian.net/wiki/x/TgEUgg
image-20240509-220111.png
  • Solutions = Remediation Plan. This is where you will find the proposed/recommended solutions to address the problem (CVEs) discovered by the scans. Check the KB/FIX column to see a URL or link to the source for a solution.
image-20240509-220322.png
  • Pending OS Patches = View any detected missing operating system patches. To install patches, use the company's Patch Management screen.
image-20240509-220431.png
  • Ports = View detected ports and services running on the assets; requires a Probe Scan. Tap to see the asset details.
image-20240509-220602.png
  • External Assets = External Scan Endpoints. This would include any public-facing internet records seen as ‘looking from the internet to the inside.’ These do not require credentials and can be scanned during offline/non-standard business hours.

External Endpoint Name Example

Example

Public Domain / Website

IE: xyz.com (domain)

Static IP / Public IP

IE: 66.54.58.100 (static)

IP Range (Public Block)

IE: 66.54.58.100-66.54.58.105 (range)

CS-How-To.png
  • Patch Management = Company-level option only. Used to run manual patches for applications or OS. Patch jobs are also found here to check on successful, pending, and failed jobs. Tap date/time to see details.
image-20240509-215344.png
  • Attack Surface Mapper = Secondary type of external scan. Includes Vulnerabilities, Open Ports, Target IPs, Emails, Usernames, and Subdomains. It also includes the S3 Buckets, DNS Records, MX Records, and RAW Headers.
image-20240509-215312.png
  • Certificates = SSL information. This is great for Certificate Management. However, it requires the probe scan and an external asset configuration to be added.
image-20240509-215707.png
  • Active Directory Problems (if applicable) =
CS-How-To.png
  • Active Directory (if applicable) = Requies administrator-level credentials for Active Directory. Displays your basic AD data, including the OU’s (Organizational Units), Users, Computers, Groups, GPO (Group Policy Objects), and Password Policy details.
image-20240509-221656.png

Refer to our Active Directory Least Privelages KB if you are not using domain admin credentials:

https://cybercns.atlassian.net/wiki/x/AYC_gQ

CS-How-To.png
  • Azure Active Directory and Microsoft Secure Score = require the Azure CSP or Non-CSP integration to be configured. Displays the Users, Computers, Groups, Licenses, Logs, and Roles.

Refer to the Azure Integration Guides here: https://cybercns.atlassian.net/wiki/x/HoHXfQ

image-20240509-221924.png

This integration will also populate the Microsoft Secure Score data.

image-20240509-221949.png

Review Dashboard and Reporting

Now that you have collected data from the various scans use the dashboard and reporting to get the information into the hands of the people who matter.

We have prebuilt Standard Reports and a customizable Report Builder.

Any report can be scheduled for automatic delivery to your email inbox or through various integration points using the Report Scheduler.

You can also use the in-app Company Dashboard and/or Global Dashboard to see your data in different views with additional filtering and sorting options in our dashboards.


Need Onboarding Help?

We have an onboarding team dedicated to your success. Please use the link below to schedule a time that works for you. We will be happy to assist in your onboarding and answer any questions you have to get your implementation up and running smoothly.

One-on-one bookings:

https://calendly.com/connectsecure-onboarding

Group bookings (held multiple times a week)

https://connectsecure.com/onboarding


Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

https://cybercns.freshdesk.com/en/support/login

image-20240206-144508.png

Add label

  • No labels