About the QVM Engine for OpenVAS NVTs

The open source project OpenVAS provides about 50,000 individual Network Vulnerability Tests (NVTs) through their Community Feed. These NVTs are individual tests that can assess a vulnerability. The QVM Engine for OpenVAS NVTs provides the ability to run these tests as part of a QVM Scan.

You must have the correct license capabilities to perform the following scanning operations. If you need assistance to obtain a new or updated license key, contact your Juniper Customer Support.

Features

The QVM Engine for OpenVAS NVTs installs a new scan policy called Full Scan Plus, separate from your existing scan policies. Because it contains more vulnerability tests, extra time is required to run the scans. Previously configured scans use the Opencast Nets in addition to the capabilities of JSA Vulnerability Manager.

The Full Scan Plus policy includes thousands of additional vulnerability tests provided by the OpenVAS project.

NVTs are updated nightly through existing automatic updates. No extra configuration is required.

Requirements

The QVM Engine for OpenVAS NVTs requires JSA 7.3.1, Patch 3 or later with a JSA Vulnerability Manager license.

Installation requires Console access and automatic updates. See Adding the Full Scan Plus Scan Policy to JSA Vulnerability Manager.

Frequently asked questions

Does the QVM Engine for OpenVAS NVTs allow importing vulnerabilities into JSA Vulnerability Manager from a stand-alone OpenVAS deployment?

No. This plugin enables QVM to run OpenVAS Network Vulnerability Tests as part of QVM scans, but it is not designed to provide integration with a separately provided instance of OpenVAS.

Does the Full Scan Plus policy run only OpenVAS NVTs?

No. The Full Scan Plus Policy uses a combination of QVM scanning tests with the NVTs for maximum coverage.