TOC & Recently Viewed

Recently Viewed Topics

Database Credentials

Note: Aspects of credential options are based on Nessus plugin options. Therefore, specific credential options may differ from the descriptions documented here.

Configure the following options for all database credentials: IBM DB2, Informix/DRDA, SQL Server, MySQL, Oracle Database, or PostgreSQL.

Options Description

Name

A name for the credential.
Description A description for the credential.

Tag

A tag for the credential.
Authentication Method

The method you want to use for authentication. Your Authentication Method selection determines the method-specific options you must configure: CyberArk Options, Password Options, and Lieberman Options.

Note: You cannot select an Authentication Method for Informix/DRDA credentials because only password authentication is supported.

CyberArk Options

The following table describes the additional options to configure when using CyberArk as the Authentication Method for IBM DB2, SQL Server, MySQL, Oracle Database, or PostgreSQL database credentials.

Note: You must meet the version requirements specified in Tenable Integrated Product Compatibility.

Option Database Types Description

Username

All

The username for the target system.

Port All The port the database is listening on.
Service Type Oracle Database The Oracle parameter you want to use to identify the database instance: SID or Service Name.
Service Oracle Database

The SID value for your database instance or a SERVICE_NAME value.

The Service value you enter must match your parameter selection for the Service Type option.

Database Name

IBM D2

Postgre SQL

The name for your database instance.

Central Credential Provider URL Host

All

The IP/DNS address of the CyberArk Central Credential Provider.

Central Credential Provider URL Port

All

The port the CyberArk Central Credential Provider is listening on.

Vault Username

All

The username for the vault, if the CyberArk Central Credential Provider is configured for basic authentication.

Vault Password

All

The password for the vault, if the CyberArk Central Credential Provider is configured for basic authentication.

Safe

All

The safe on the CyberArk Central Credential Provider server that contains the credentials you want to retrieve.

CyberArk Client Certificate All The file that contains the PEM certificate used to communicate with the CyberArk host.
CyberArk Client Certificate Private Key All The file that contains the PEM private key for the client certificate.
CyberArk Client Certificate Private Key Passphrase All The passphrase for the private key, if required.

AppID

All

The AppID with CyberArk Central Credential Provider permissions to retrieve the target password.

Folder

All

The folder on the CyberArk Central Credential Provider server that contains the credentials you want to retrieve.

PolicyID All  

Vault Use SSL

All

When enabled, SecurityCenter uses SSL through IIS for secure communications. You must configure SSL through IIS in CyberArk Central Credential Provider before enabling this option.

Vault Verify SSL

All

When enabled, SecurityCenter validates the SSL certificate. You must configure SSL through IIS in CyberArk Central Credential Provider before enabling this option.

For more information about using self-signed certificates, see the Nessus custom_CA.inc documentation.

CyberArk AIM Service URL All

The URL for the CyberArk AIM web service. By default, SecurityCenter uses /AIMWebservice/v1.1/AIM.asmx.

Password Options

The following table describes the additional options to configure when using Password as the Authentication Method for database credentials.

Option Database Types Description
Username All The username for a user on the database.
Password All The password associated with the username you provided.
Port All The port the database is listening on.
Database Name

IBM D2

PostgreSQL

The name for your database instance.
Authentication

Oracle Database

SQL Server

The type of account you want SecurityCenter to use to access the database instance.
Service Type Oracle Database The Oracle parameter you want to use to identify the database instance: SID or Service Name.
Service Oracle Database

The SID value for your database instance or a SERVICE_NAME value.

The Service value you enter must match your parameter selection for the Service Type option.

Instance Name SQL Server The name for your database instance.

Lieberman Options

The following table describes the additional options to configure when using Lieberman as the Authentication Method for IBM DB2, SQL Server, MySQL, Oracle Database, or PostgreSQL database credentials.

Note: You must meet the version requirements specified in Tenable Integrated Product Compatibility.

Option Database Types Description
Username

All

The username for a user on the database.
Port

All

The port the database is listening on.
Database Name

IBM DB2

PostgreSQL

The name for your database instance.
Authentication

Oracle Database

SQL Server

The type of account you want SecurityCenter to use to access the database instance.
Service Type Oracle Database The Oracle parameter you want to use to identify the database instance: SID or Service Name.
Service Oracle Database

The SID value for your database instance or a SERVICE_NAME value.

The Service value you enter must match your parameter selection for the Service Type option.

Instance Name

SQL Server

The name for your database instance.
Lieberman Host

All

The Lieberman IP address or DNS address.
Lieberman Port

All

The port Lieberman is listening on.
Lieberman User

All

The username for the Lieberman explicit user you want SecurityCenter to use for authentication to the Lieberman Rapid Enterprise Defense (RED) API.

Lieberman Password

All

The password for the Lieberman explicit user.

Use SSL

All

When enabled, SecurityCenter uses SSL through IIS for secure communications. You must configure SSL through IIS in Lieberman before enabling this option.

Verify SSL Certificate

All

When enabled, SecurityCenter validates the SSL certificate. You must configure SSL through IIS in Lieberman before enabling this option.

For more information about using self-signed certificates, see Upload a Custom CA Certificate.

System Name

All

The name for the database credentials in Lieberman.

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.