Utilizing Rapid7’s Nexpose Vulnerability Manager with VMware NSX platform for scanning virtualized assets
search cancel

Utilizing Rapid7’s Nexpose Vulnerability Manager with VMware NSX platform for scanning virtualized assets

book

Article ID: 343395

calendar_today

Updated On:

Products

VMware NSX Networking VMware vCenter Server VMware vSphere ESXi

Issue/Introduction

Virtual environments are extremely fluid, which makes it difficult to manage them from a security perspective.

The vAsset Scan feature address this challenge by integrating nexpose scanning with the VMware NSX network virtualization platform. The integration gives a scan engine direct access to an NSX network of virtual assets by registering the scan engine as a security service within that network. This approach provides several benefits:

  • The integration automatically creates a Nexpose site, eliminating manual site configuration.
  • The integration eliminates the need for scan credentials. As an authorized security service in the NSX network, the scan engine does not require additional authentication to collect extensive data from assets.
  • Security management controls in NSX use scan results to automatically apply security policies to assets, saving time for IT or security teams. For example, if a scan flags a vulnerability that violates a particular policy, NSX can quarantine the affected asset until appropriate remediation steps are performed.


Disclaimer: The Rapid7 product referenced in this article is a software module that is developed and supported by Rapid7. Use of this product is also governed by the end user license agreement of Rapid7. You must obtain from Rapid7 the application, support, and licensing for using this product. For more information, see www.rapid7.com.


Environment

VMware vCenter Server 5.5.x
VMware NSX for vSphere 6.0.x
VMware vSphere ESXi 5.5

Resolution

Note: The vAsset Scan feature is a different feature and license option from vAsset Discovery, which is related to the creation of dynamic sites that can be scanned.

VMware Requirements
  • A Nexpose installation with the vAsset Scan feature enabled in the license
  • VMware ESXi 5.5 hosts
  • VMware vCenter Server 5.5
  • VMware NSX 6.0
  • VMware Endpoint deployed

Nexpose Requirements
  • Minimum Hardware
    • 2 GHz+ processor
    • 4 GB (32-bit), 8 GB (64-bit) RAM recommended
    • 80 GB+ available disk space
    • 100 Mbps NIC
  • Browsers
    • Microsoft Internet Explorer 8,9,10
    • Mozilla Firefox 17
    • Google Chrome
  • Operating Systems
    • Microsoft Windows 7*, 8 (64-bit), Server 2008 R2, Server 2012
    • RedHat Enterprise Linux 5.x (64-bit), 6.x (64-bit)
    • Ubuntu Linux 10.04 LTS (64-bit), 12.04 LTS (64-bit)


Additional Information

Support information


Product Download: http://www.rapid7.com/products/nexpose/compare-downloads.jsp

User Guide: https://community.rapid7.com/docs/DOC-1387

Installation Guide: https://community.rapid7.com/docs/DOC-1385

Support Link: http://www.rapid7.com/support/

Support Phone: 866-390-8113 (toll free)

Support Email: [email protected]

VMware NSX プラットフォームにおける仮想化資産のスキャンのための Rapid7 製 Nexpose Vulnerability Manager の使用について