TOC & Recently Viewed

Recently Viewed Topics

Database Credentials

Note: Aspects of credential options are based on Nessus plugin options. Therefore, specific credential options may differ from the descriptions documented here.

Configure the following options for database credentials.

Options Description

Name

A name for the credential.
Description A description for the credential.

Tag

A tag for the credential.
Type The type of authentication you want to perform. For database credentials, select Database.
Authentication Method

The method you want to use for authentication. Your Authentication Method selection determines the method-specific options you must configure: CyberArk Options and Password Options.

Database Type

The type of database: DB2, SQL Server, MySQL, Oracle, or PostgreSQL.

Your Database Type selection determines other type-specific options you must configure: Database Name, Authentication, Instance Name, Service Type, and/or Service.

Database Port The port the database is listening on.
Database Name (Required for DB2 and PostgreSQL databases) The name for your database instance.
Authentication (Required for SQL Server and Oracle databases) The type of account you want SecurityCenter to use to access the database instance.
Instance Name (Required for SQL Server databases) The name for your database instance.
Service Type (Required for Oracle databases) The Oracle parameter you want to use to identify the database instance: SID or Service Name.
Service

(Required for Oracle databases) The SID value for your database instance or a SERVICE_NAME value.

The Service value you enter must match your parameter selection for the Service Type option.

CyberArk Options

The following table describes the options to configure when using CyberArk as the Authentication Method for IBM DB2, SQL Server, MySQL, Oracle Database, or PostgreSQL database credentials.

Note: You must be running Nessus 7.0.0 or later to configure CyberArk credentials.

Option Description

Username

(Required) The username for the target system.

Central Credential Provider URL Host

(Required) The IP/DNS address of the CyberArk Central Credential Provider.

Central Credential Provider URL Port

(Required) The port the CyberArk Central Credential Provider is listening on.

Vault Username

The username for the vault, if the CyberArk Central Credential Provider is configured for basic authentication.

Vault Password

The password for the vault, if the CyberArk Central Credential Provider is configured for basic authentication.

Safe

(Required) The safe on the CyberArk Central Credential Provider server that contains the credentials you want to retrieve.

CyberArk Client Certificate The file that contains the PEM certificate used to communicate with the CyberArk host.
CyberArk Client Certificate Private Key The file that contains the PEM private key for the client certificate.
CyberArk Client Certificate Private Key Passphrase The passphrase for the private key, if required.

AppID

(Required) The AppID with CyberArk Central Credential Provider permissions to retrieve the target password.

Folder

The folder on the CyberArk Central Credential Provider server that contains the credentials you want to retrieve.

Vault Use SSL

When enabled, SecurityCenter uses SSL through IIS for secure communications. You must configure SSL through IIS in CyberArk Central Credential Provider before enabling this option.

Vault Verify SSL

When enabled, SecurityCenter validates the SSL certificate. You must configure SSL through IIS in CyberArk Central Credential Provider before enabling this option.

For more information about using self-signed certificates, see the Nessus custom_CA.inc documentation.

CyberArk AIM Service URL

The URL for the CyberArk AIM web service. By default, SecurityCenter uses /AIMWebservice/v1.1/AIM.asmx.

Password Options

The following table describes the options to configure when using Password as the Authentication Method for database credentials.

Option Description
Username (Required) The username for a user on the database.
Password (Required) The password associated with the username you provided.

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.