Hello everyone, I’m new to OpenVAS/GVM
I’m currently looking for a solution to have a central OpenVAS scanner with several agents distributed around the organization, could someone tell me if this is posible and if so, point me in the direction to some sort of documentation in how to achieve this?
Kind regards
P.S. sorry for the bad english
Hi Roger-UY and welcome to the Greenbone forum.
I believe that others have asked about setting up a scanning architecture in this configuration on the forum before, but to my knowledge, no working solution has been achieved. You may view the Greenbone architecture and consider how you could achieve this.
My guess is that to achieve this, every “satelite” agent would require (looking at the architecture diagram) gvmd and all the scanning tools to the left of it. You may be able to configure them to all connect to a central PostgreSQL instance, otherwise, they would all have to maintain their own database.
From there you would likely want to use gvm-tools to access each instance via gvm-cli using an ssh or tls connection type, and then control each agent using python-gvm scripts, and centralize the scan results.
I’m curious about your reason for implementing this method. Is it to reduce excessive network traffic caused by the scanning activity and isolate it to isolated segments, or due to problems with scanning traffic passing through security configuration such as firewalls?
Hi!
Thank you so much for your kind and fast reply.
The main reason to search for this is to isolate segments within the organization.