Issue/Introduction:
The SRAS Vulnerability Module integration is introduced due to the following business reasons:
- To view vulnerability assessment data that SRAS collects using the rich and evolved reporting capabilities of the Dashboards feature in CCS so as to leverage more and better information from the same data.
- To make the vulnerability assessment data that SRAS collects available to CCS Risk Manager to determine the overall security, risk, and compliance posture of your networks.
Resolution:
Please refer Chapter 3 in SRAS Vulnerability Module Integration Deployment and Usage Guide to install the SRAS Vulnerability Module Integration / Connector
Role of the integration system
As a mediator between the third-party information source and CCS, the integration system does the following tasks:
- Connects: The integration system connects to the third-party information source.
- Authenticates: The integration system uses credentials to connect with the third-party information source.
- Imports: The integration system imports data from the third-party information source into CCS using a data import mechanism.
Structure of the integration system
The SRAS Vulnerability Module integration is an Open Database Connectivity (ODBC) connector that is a part of the External Data Integration (EDI) framework of CCS.
EDI enables you to seamlessly assimilate data from an external application into Control Compliance Suite (CCS).
What you can do using the integration system
Using the SRAS Vulnerability Module integration, you can:
- Use vulnerability assessment data for policy compliance.
- Use vulnerability assessment to measure Key Performance Indicators (KPIs) using Dynamic Dashboards feature in CCS.
- Use the risk scores that SRAS determines to contribute to the overall asset risk score.
- Use assets information that SRAS provides to rationalize assets.
Prerequisite
- Symantec Risk Automation Suite v4.0.7.3601
- Symantec Control Compliance Suite 11.0