Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 33 Next »

This onboarding guide is for users who already have set up access to their ConnectSecure portal.

If you do not have access to your ConnectSecure portal, please get in touch with your admin and ask that they create a User account. Tap the link below to access the ‘Add New User’ guide.

https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2111111353/V4+User+Management+and+Security#Add-New-User

You can also contact our Support Team for login assistance by emailing support@connectsecure.com. Include your email and tenant name used for login.

Join us for our weekly product walk-through and onboarding:

ConnectSecure Group Onboarding

image-20240409-134634.png

V4 Partner Onboarding Guide - Table of Contents


Prerequisites

We have a dedicated page with the prerequisites for a smooth-running ConnectSecure agent and portal.

Please refer to this page before completing your onboarding: V4 Agent Prerequisites

This includes the Ports, IPs, Domain, and general whitelisting information.


Accessing ConnectSecure V4

Zitadel Authentication Portal Access

This is the authentication front end where you can manage and view your user account connected to the ConnectSecure V4 application.

You can access this directly from the V4 portal by tapping on Global > Overview/Dashboard > Users > Profile.

image-20240409-134949.png

Tap on the Password and Security option to manage your login methods.

image-20240213-154657.png

You can use a local password, Passwordless, or Multifactor Authentication.


ConnectSecure V4 Portal Access

The ConnectSecure V4 portal sign-in can be found here: https://portal.myconnectsecure.com/sign-in.

Your tenant name and credentials are required to log in.

If you have an account created but are having trouble logging in, please check out our user password and MFA reset guide; tap the link below.

https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2111111353/V4+User+Management+and+Security#Reset-Password-%2F-MFA

Still having trouble? Get in touch with our Support team by emailing support@connectsecure.com

image-20240213-155014.png

Upon successful sign-in, if you see the Getting Started Wizard, you can close it out or set up your first local company. I recommended using your own company to start or a test company like XYZ Test Co.

Otherwise, you can continue below for a walk-through of the recommended onboarding settings.

If you see data in your V4 portal, it may have been replicated from your previous V3 instance.

For more information, see V3 to V4 Replication Information


Onboarding-Flowchwart.drawio-20240312-205236.png

ConnectSecure Onboarding Checklist

Review and Update User Management and Security Roles

Review and Update Global Settings

Create/Import Companies

Review and Update Company Settings

Review and Update Global Integrations

Deploy Agent(s) and Configure Probe(s)

Review and Update External / Attack Surface Mapper Settings

Review and Update PII Scan Settings

Review and Update Global Scheduler

Review Scan Results


1 - Users and Security

Before starting your ConnectSecure portal, you should ensure your Users and Security options have been reviewed and configured. We have a full guide built that covers this in detail at the link below:

V4 User Management and Security


2 - Global Settings

Global settings apply to all companies added to the ConnectSecure portal. Each section should be reviewed for accuracy.

image-20240213-180141.pngimage-20240216-220228.png

Generally, most global settings defaults will be fine, but you should at least pass over each section and become familiar with them. Refer to our documentation if you need more info on a particular setting. We have detailed documentation on each Global Settings option in the table below.

Confirm your timezone settings, as these will impact your time/date stamps, scheduled scan times, report delivery times, and more.


3 - Companies

Companies include your company, test companies, production customers, or prospects.

You can create a company using the Local or PSA method.

Local = a company made directly inside of the ConnectSecure portal.

PSA = a company imported from a supported integration; see Category: PSAfor a complete listing of our currently supported PSA integrations.

From the Global > Dashboard, you will find the New Company, Delete Companies, and Companies icons on the Companies menu toolbar. This is where you can manage your existing companies or create new ones. That includes creating and deleting companies from the portal.

image-20240409-135410.png

We recommend creating your own or a test company to facilitate testing before deploying any configuration(s) to your production customers and prospects.

You will always see a drop-down selector at the top toolbar of the portal. This selector allows you to choose Global or any company you have created in ConnectSecure. To use the company search function, start typing, scroll through the list, and then click on the company you want to select. The checkmark will indicate the currently selected option.

image-20240409-135521.png

Once companies are created, consider visiting the Company-level settings if you need to override the Global-level settings.

image-20240409-135619.pngimage-20240409-135634.png

4 - Integrations

Integrations are the API-driven connections between ConnectSecure and third-party products.

image-20240409-135742.png

Integrations are not required to get your ConnectSecure deployment up and running.

You can always return to the integrations section and configure after your initial onboarding configuration.

We have documentation for each integration here: V4 Integration Setup Guides


5 - Agent Deployment

ConnectSecure offers two types of agents, Lightweight and Probe that can be deployed based on the network, restrictions, and network access level.

Lightweight ('LWA') = scans just the asset the remote agent is installed on; does not scan outside the boundaries of the local asset. This is the default agent type for all agent installations for V4.

Probe = scans the remote asset it’s installed on; also can scan the network based on provided discovery settings (IP Ranges and Credentials)

V4 Agent Prerequisites

Scan Results | Lightweight Agent vs Probe Agent V4 Agent Types

Lightweight Agent (default)

Ciphers, Compliance Report Card, External/Internal Ports, Firewall Rules, Hardware Specs, OS Info, Patches, Security Repot Card, Services, Software Inventory, Unquoted Service Path, User Shares, Users, and Vulnerabilities

Probe Agent

Scans for everything included with LWA above, as well as Network Scan FIndings (which populate the Global and Network Vulnerabilities)

LWA scanning will take place automatically. You should check to confirm or adjust the LWA Scan Interval settings found in the Global Settings. Check the table below for a guide.

Probe agent scanning can be done manually or configured on the Global Scheduler for automated scan jobs. Check the table below for a guide.

Creating a probe agent is easy. Mapping Discovery Settings and Credentials to any agent automatically converts the LWA into a Probe agent. Check the table below for a guide.

How To: Convert Lightweight Agent to Probe

The agent installer is company-based, so you must be at the company level to see the ‘Download Agent’ options. Navigate to a company, then Overview > Agents screen, and tap the Download Agent button.

image-20240213-221345.png

Select your operating system and use one of the installation methods to deploy the agent. This includes an option for Web Installer, Download, or Copy to Clipboard.

image-20240213-221846.png

Please refer to our How To Guide for Agent Deployment assistance.

How To: Install ConnectSecure V4 Agent

https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2103410891/How+To%3A+Install+ConnectSecure+V4+Agent#Method-1---Web-Installer-(Download)

https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2103410891/How+To%3A+Install+ConnectSecure+V4+Agent#Method-2--Command-Prompt-(Download)

https://cybercns.atlassian.net/wiki/spaces/CVB/pages/2103410891/How+To%3A+Install+ConnectSecure+V4+Agent#Method-3---PowerShell-(Copy-to-Clipboard)


6 - Scheduler

The scheduler is where you will create automatic schedules to run for Scans, Patches, and Reports.

image-20240214-181124.png

The Scheduler is available from the Global > Assets modules.

Schedules will vary based on your requirements. You can build global schedules to apply for all companies or select ‘allowed companies’ or ‘denied companies’ to get the exact parameters you need.

Automated Scan Schedule Recommendations

Name

Scan Type

Frequency

Daily Full (includes AD + Network)

Full Scan

Once Per Day

Hourly LWA Scan

Lightweight Agents

Every 60 Minutes

Weekly ASM Scan

Attack Surface Mapper

Once Per Week

Weekly External Scan

External Scan

Once Per Week

Scheduling of your Patches and Reports will vary greatly depending on your requirements. We have full guides listed below if you want to learn more about using the Patch and Report Scheduler in depth.


7 - Scan Results

Now that you have your companies created, agents deployed, and schedules configured, you should start to see the scan results populate all the various screens depending on the scope of the scans.

Below is a table that shows the module location and a link to the full documentation for each section.

Module (Location)

Link

Assets > Assets

Company Assets

Assets > Firewalls

Company Firewalls

Assets > Problems

Company Problems

Assets > Solutions

Company Solutions

Assets > Pending OS Patches

Company Pending OS Patches

Assets > Ports

Company Ports

Assets > External Assets

Company External Assets

Assets > Patch Management

Company Patch Management

Assets > Application Baseline Results

Company Application Baseline Results

Assets > Attack Surface Mapper

Company Attack Surface Mapper

Assets > Certificates

Company Certificates

Vulnerabilities > All (App + Network)

Company Vulnerabilities

Vulnerabilities > Application

Company Application Vulnerabilities

Vulnerabilities > Network

Company Network Scan Findings

Compliance > Standards

Company Compliance Standards

Active Directory > Problems

AD Problems

Active Directory > AD Summary

AD Summary

Active Directory > AD Audit

AD Audit

Azure AD Summary

Azure AD Summary

Active Directory > Active Directory

Active Directory

Azure Active Directory

Azure Active Directory

Microsoft Secure Score

Microsoft Secure Score

PII

Company PII Results

The scan results data is also available in all our built-in Company Dashboards, Standard Reports, and Report Builder. Check below for additional information.


8 - Reporting

Now that you have collected data from the various scans use the reporting to get the information into the hands of the people who matter.

We have prebuilt Standard Reports and a customizable Report Builder.

Any report can be scheduled for automatic delivery to your email inbox or through various integration points using the Scheduler or Reports Integrations.

You can also use the in-app Company Dashboard and/or Global Dashboard to see your data in different views with additional filtering and sorting options in our dashboards.


Need Onboarding Help?

We have an onboarding team that is dedicated to your success. Please use the link below to schedule a time that works for you, and we will be happy to assist in your onboarding and answer any questions you have to get your implementation up and running smoothly.

https://calendly.com/connectsecure-onboarding


Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

https://cybercns.freshdesk.com/en/support/login

image-20240206-144508.png
  • No labels