Risk Scan Engine Compatibility

Updated Sep 28, 2023

Risk Scan Engine compatibility
Scan target platform support
- Java VM compatibility
Risk Scan Engine drivers
Database engine support
Standards support
Content support
- Compliance content
- Vulnerability content
See also

Risk Scan Engine compatibility

Arctic Wolf Risk Scan Engine (formerly Joval) has advanced remote-scanning capabilities and broad platform coverage, so you can scan virtually any device on the network, from any other Java-enabled device. This document describes the out-of-the-box support Risk Scan Engine offers for various databases, schema standards, platforms, and content.

Scan target platform support

Risk Scan Engine can scan the following platforms:

Windows: Windows XP SP3 or newer, Windows Server 2003 SP2 or newer
Linux: RHEL 5 or newer, Fedora 14 or newer, SUSE Desktop 10 or newer, SUSE Enterprise Server 9 or newer, Ubuntu 8.10 or newer, Debian 6.0 or newer
Apple: OSX Snow Leopard or newer, iOS 5.1 or newer
Cisco: IOS 12.2 or newer, IOS-XE 12.2 or newer, ASA 9.0 or newer, NX-OS 7 or newer.

Note: Cisco NX-OS support requires a special license. Contact joval-licensing@arcticwolf.com for more information.
Juniper JunOS 8.5R1 or newer
IBM AIX 6.1 or newer, RHEL 6 or newer on System Z
Oracle Solaris 8 or newer
Palo Alto Networks PAN-OS 7 or newer.
HP-UX 11.23 or newer
FreeBSD 8.4 or newer
VMWare ESXi 5.0 or newer

Java VM compatibility

Risk Scan Engine versions 6.5 and newer are compatible with any Java virtual machine version 11 and newer. Risk Scan Engine versions older than 6.5 are compatible with any Java virtual machine between version 1.6 and version 16.

Risk Scan Engine drivers

Risk Scan Engine comes with Oracle, jTDS, and PostgreSQL drivers installed.

To add IBM Db2 and MySQL support, download the desired drivers and copy them to the lib/ directory.

Database engine support

Risk Scan Engine supports SQL tests for these database engines, using the associated Java Database Connectivity (JDBC) drivers:

Engine	Version	JDBC Driver
DB2	≥8.1	IBM
MSSQL	Azure, 2005, 2008, 2008 R2, 2012, 2014, 2016, 2017, 2019	jTDS
MySQL	≥4.1	Connector/J
Oracle	≥9.0.1	Oracle
PostgreSQL	≥7.2	PostgreSQL
Sybase	10, 11, 12, 15, 16	jTDS

Standards support

Risk Scan Engine supports the following schema versions:

SCAP (Security Content Automation Protocol) Datastream 1.2 and 1.3
XCCDF (eXtensible Configuration Checklist Definition Format) 1.2
OVAL (Open Vulnerability Assessment Language) 5.11.2
OCIL (Open Checklist Interactive Language) 2.0
CPE (Common Product Enumeration) 2.3
ARF (Asset Reporting Format) 1.1
AI (Asset Information) 1.2
SCE (Script Check Engine) 1.0

Content support

Risk Scan Engine can use content from many organizations. This section lists the compliance and vulnerability content sources you may wish to use.

Risk Scan Engine has wide adoption and robust schema support. One advantage to the SCAP family of specifications is that there is a significant amount of freely-available content that is written in compatible formats. A continuous monitoring solution that is SCAP-based can leverage these content sources and avoid having to dedicate a team to content creation and migration activities. Most available content addresses the security compliance and known-vulnerability detection use-cases.

Compliance content

These organizations set standards, guidelines, and benchmarks for security compliance that you may want to use with Risk Scan Engine.

NIST United States Government Configuration Baseline (USGCB) — NIST maintains the baseline configuration guidance for products commonly used by US Government Federal agencies.
Defense Information Systems Agency (DISA) Secure Technical Implementation Guidelines (STIGs) — DISA is the IT department for the US Department of Defense. Its SCAP-based STIGs guide organizations seeking to implement government and industry-mandated compliance policies.
NIST National Vulnerability Database (NVD) — This repository indexes security benchmarks from a variety of US-government sources.
RedHat SCAP Security Guide (SSG) — RedHat maintains its own security guidelines in SCAP format, particularly for newer versions of RedHat Linux that are not explicitly covered by USGCB.
Center for Internet Security Benchmarks (CIS Benchmarks) — The Center for Internet Security (CIS) publishes secure configuration guidelines called benchmarks for a variety of software and operating systems.
ALTX-SOFT — ALTX-SOFT is a Russian company that produces SCAP-based content for various regulatory bodies.
SecPod — SecPod produces XCCDF compliance benchmarks focused on HPIAA, PCI, NERC and other regulatory and industry frameworks.

Vulnerability content

These organizations host OVAL vulnerability content that you may want to use with Risk Scan Engine.

CIS Repository (formerly MITRE) — The original OVAL repository, now hosted by CIS, contains every vulnerability known to the National Vulnerability Database (NVD).
Cisco — Publishes OVAL vulnerability content for IOS.
RedHat — Hosts an OVAL vulnerability feed for all the Red Hat Package Manager (RPM) software for RedHat Linux.
Oracle — Hosts an OVAL vulnerability feed for all the RPM-packaged software for Oracle Enterprise Linux.
Ubuntu (Canonical) — Hosts an OVAL vulnerability feed for all Debian software packages available for Ubuntu Linux distributions.
Novell — Hosts automatically-generated OVAL vulnerability feeds for supported versions of SUSE Linux distributions.
Debian — Hosts automatically-generated OVAL vulnerability feeds for Debian packages.
ALTX-SOFT — Contributes to OVAL content in the CIS repository and maintains their own repository of OVAL vulnerability content for registered users.
SecPod — Maintains OVAL definitions covering MacOS X vulnerabilities.