Arctic Wolf Managed Risk Scanner Configuration Migration

Updated Jul 31, 2023

Migrate Managed Risk Scanner configurations

During an operating system upgrade, you can migrate these scanner configurations:

Before you begin

  1. Follow the instructions for the physical scanner that Arctic Wolf sent to you or the instructions for your preferred virtual deployment option. See the Managed Risk Scanner Installation and Configuration Guide.
  2. Allowlist all IP address ranges, as described in the appropriate installation guide.
  3. On the Risk Dashboard, confirm that your new scanner is registered and can connect to Arctic Wolf. See Scanner Configuration in the Risk Dashboard User Guide for more information.

Note: If you are migrating a physical scanner, contact your Concierge Security Team® (CST) to replace the hardware.

Migration options

There are two available options to do this migration. Choose the option that best suits you.

Manually migrate your Managed Risk Scanner configuration

You can manually migrate all Managed Risk Scanner configurations, preferences, and scan schedules.

Before you begin

Before you begin the migration, we recommend taking one of these approaches so that you can easily set configurations, preferences, and schedules on the new scanner:

Note: If you are migrating a physical scanner, contact your Concierge Security Team® (CST) to replace the hardware.

Steps

  1. Migrate configuration settings and preferences.
  2. Migrate scan schedules.

Step 1: Migrate configuration settings and preferences

  1. In the Risk Dashboard, click Config > Scanner Config to open the Scanner Config page.
  2. In the Scanner ID field, confirm that the new scanner is selected.
  3. Under Scanner Configuration, make adjustments to scan configuration to match the old scanner:
    1. Enable or disable Host Identification Scans using the toggle.
    2. Enable or disable Vulnerability Scanning using the toggle.
    3. In the DenyList IP/Networks field, add IP addresses or networks.
    4. In the Host Collection DNS Servers field, enter the DNS server address.
  4. Click Troubleshooting Settings to open the Troubleshooting settings dialog and make adjustments to match these settings with the old scanner:
    1. Enable or disable Brute force checks using the toggle.
    2. Enable or disable CGI scanning using the toggle.
    3. Enable or disable Only ping the target using the toggle.

Step 2: Migrate scan schedules

To migrate scanner schedules to the new scanner:

  1. For each scan schedule that you need to migrate:

    1. Under Scanning Schedule, click Add a new scan schedule to open the Configure Scanning Scheduler dialog, and enter all scan schedule details.

    Tip: See Add a new scan schedule in the Risk Dashboard User Guide for complete steps.

    1. . Click Configure to save the schedule for the new scanner.
  2. Remove the schedule from the old scanner:

    1. In the Scanner Configuration section, click the magnifying glass to select your old scanner UUID from the list.
    2. Click the trash can beside existing scan schedules that you migrated to the new scanner. That way, both scanners do not scan the same networks and report the same risks multiple times.

Next steps

Migrate Managed Risk Scanner configuration using a script

You can use a migration script to migrate all Managed Risk Scanner configurations, preferences, and scan schedules.

Requirements

Before you run any migration commands, confirm that you have installed and configured the following:

Steps

  1. Download the tar file from the link that your Concierge Security® Team (CST) provided.

  2. Run this command to extract the contents of .tar file:

    tar -xvf migrate_config.tar
  3. Run this command to change to the the extracted directory:

    cd migrate_config/
  4. Run this command to change the permission of the script and let it run:

    sudo chmod +x migrateScannerConfig.sh
  5. Run this command to run the migration script:

    ./migrateScannerConfig.sh
  6. When prompted, enter the old scanner UUID as the source scanner UUID.

  7. When prompted, enter the new scanner UUID as the destigation scanner UUID.

If the script succeeds, a message similar to this appears: Configuration, preferences and schedules have been successfully migrated

Note: If there is an error or issue, contact your CST and include the red status messages that explains the failure. Do not proceed with the migration.

Next steps

Migrate credentialed scan configurations

If you have any credentialed scans that existed on your previous scanner, you must add them as new credentials in the Risk Dashboard.

See Add new scan credentials in the Risk Dashboard User Guide for complete steps.

Contact your CST

After completing all migration steps, contact your Concierge Security® Team (CST) so that they can validate that all required configuration was successfully migrated to your new scanner.