Fuel to interact with external vulnerability scanner (Nessus)
Currently Fuel cannot interact with any external vulnerability scanner. Security wise customers would like to integrate their corporate Nessus instances with OpenStack environments to provide appropriate security assessment mechanisms. Since Fuel knows all the details of provisioned clouds, it is ideal candidate to orchestrate external security assessment tools like Nessus.
In scope of plugin development is:
- appropriate scan policy configuration of external security assessment tool (we assume Nessus), we assume definition of two policies: 'Credentialed Patch Audit' (CPA) and 'Advanced Scan' (AS). Advanced Scan should be defined against external network segment.
- appropriate scan definition: OpenStack network address ranges, authentication data required to implement Nessus scanning
- other details discovered during the implementation phase
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Adam Heczko
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- None
- Implementation:
-
Unknown
- Milestone target:
- None
- Started by
- Completed by
