Migrate Managed Risk Scanner configurations

During an operating system upgrade, you can migrate these scanner configurations:

• Configuration settings, including:

  • Enable OpenVAS scanning
  • Enable Nmap scanning
  • Ping-only mode configuration
  • Denylist configuration
  • DNS configuration

• Preferences, including:

  • Brute force scanning disablement
  • CGI scanning disablement

• Schedules, including configured times for scans to run

• Credentials for credentialed scanning

  Note: Due to end-to-end encryption, you must manually migrate any credentialed scanning configurations.

Before you begin

1. Follow the instructions for the physical scanner that Arctic Wolf sent to you or the instructions for your preferred virtual deployment option. See the Managed Risk Scanner Installation and Configuration Guide.
2. Allowlist all IP address ranges, as described in the appropriate installation guide.
3. On the Risk Dashboard, confirm that your new scanner is registered and can connect to Arctic Wolf. See Scanner Configuration in the Risk Dashboard User Guide for more information.

Migration options

There are two available options to do this migration. Choose the option that best suits you.

• Manually Migrate Your Managed Risk Scanner Configuration — If you have a small number of configurations to migrate.

• Migrate Managed Risk Scanner configuration using a script — If you have a large set of scan schedules and manual migration is not convenient.

  Note: This script migrates scan endpoints, scan schedules, DNS entries, and denylist configurations. However, this script does not migrate credentials for credentialed scans because they are end-to-end encrypted. To migrate credential scan configurations, you must instead add them as new credential scans.

Manually migrate your Managed Risk Scanner configuration

You can manually migrate all Managed Risk Scanner configurations, preferences, and scan schedules.

Before you begin

Before you begin the migration, we recommend taking one of these approaches so that you can easily set configurations, preferences, and schedules on the new scanner:

• Open two instances of the Risk Dashboard, one for both the old and new scanner, which you can refer to as needed.
• Take screenshots of the old scanner configuration, troubleshooting settings, and scan schedules which you can refer to as needed.

Steps

1. Migrate configuration settings and preferences.
2. Migrate scan schedules.

Step 1: Migrate configuration settings and preferences

1. In the Risk Dashboard, click Config > Scanner Config to open the Scanner Config page.
2. In the Scanner ID field, confirm that the new scanner is selected.
3. Under Scanner Configuration, make adjustments to scan configuration to match the old scanner:
   1. Enable or disable Host Identification Scans using the toggle.
   2. Enable or disable Vulnerability Scanning using the toggle.
   3. In the DenyList IP/Networks field, add IP addresses or networks.
   4. In the Host Collection DNS Servers field, enter the DNS server address.
4. Click Troubleshooting Settings to open the Troubleshooting settings dialog and make adjustments to match these settings with the old scanner:
   1. Enable or disable Brute force checks using the toggle.
   2. Enable or disable CGI scanning using the toggle.
   3. Enable or disable Only ping the target using the toggle.

Step 2: Migrate scan schedules

To migrate scanner schedules to the new scanner:

1. For each scan schedule that you need to migrate:

   1. Under Scanning Schedule, click Add a new scan schedule to open the Configure Scanning Scheduler dialog, and enter all scan schedule details.

   Tip: See Add a new scan schedule in the Risk Dashboard User Guide for complete steps.

   2. . Click Configure to save the schedule for the new scanner.

2. Remove the schedule from the old scanner:

   1. In the Scanner Configuration section, click the magnifying glass to select your old scanner UUID from the list.
   2. Click the trash can beside existing scan schedules that you migrated to the new scanner. That way, both scanners do not scan the same networks and report the same risks multiple times.

Next steps

• See Migrate credentialed scan configurations for more information.

Migrate Managed Risk Scanner configuration using a script

You can use a migration script to migrate all Managed Risk Scanner configurations, preferences, and scan schedules.

Requirements

Before you run any migration commands, confirm that you have installed and configured the following:

• The latest Linux distribution
• curl
• jq
• tar

Steps

1. Download the tar file from the link that your Concierge Security® Team (CST) provided.

2. Run this command to extract the contents of .tar file:

   tar -xvf migrate_config.tar

3. Run this command to change to the the extracted directory:

   cd migrate_config/

4. Run this command to change the permission of the script and let it run:

   sudo chmod +x migrateScannerConfig.sh

5. Run this command to run the migration script:

   ./migrateScannerConfig.sh

6. When prompted, enter the old scanner UUID as the source scanner UUID.

7. When prompted, enter the new scanner UUID as the destigation scanner UUID.

If the script succeeds, a message similar to this appears: Configuration, preferences and schedules have been successfully migrated

Next steps

• See Migrate credentialed scan configurations for more information.

Migrate credentialed scan configurations

If you have any credentialed scans that existed on your previous scanner, you must add them as new credentials in the Risk Dashboard.

See Add new scan credentials in the Risk Dashboard User Guide for complete steps.

Contact your CST

After completing all migration steps, contact your Concierge Security® Team (CST) so that they can validate that all required configuration was successfully migrated to your new scanner.