You are here : Comodo HackerGuardian > HackerGuardian Support
Starting Up with the HackerGuardian PCI Scanning Service
This page explains how to configure and run your first scanning task using the HackerGuardian PCI Scanning Service.
Click the links below for detailed explanations:
Introduction to the Interface
The streamlined web-based main management interface provides easy access to each functional area of the HackerGuardian interface.
Navigation Bar
The navigation bar contains tabs to access each major functional area:
| Overview | - |
Displays the 'Overview' and 'Device List' areas. The 'Overview' area provides the administrator with a summary of the last scan and serves as a launchpad for starting a new scan on the selected device. As the name suggests, the 'Device List' area contains a list of all devices created and a summary of the last scan that was run on that device. It also allows the administrator to add, edit and configure devices and to view scan reports. Clicking the bar chart icon, |
| Schedule | - | Displays a list of existing scans, allows to add new schedule of scanning. |
| Reports | - | Enables the administrator to view the summary and complete scan reports. |
| My Account | - | Enables the administrator to configure account settings, view license, scan options and to choose which plug-ins are to be deployed during a scan. |
| Help | - | Contains links to the user Guide and to the Comodo support ticketing system. Also enables the administrator to launch a simple setup wizard for PCI Scanning. |
, underneath a device name will display statistics for that device in the main 'Overview' area.Overview Area
The 'Overview' area displays the status of the HackerProof and PCI Scans and a dashboard summary of the scan reports from last performed scan on the device selected from the 'Device List' area. Click here for more details.Device List Area
The Device List area displays a list of devices added to HackerGuardian and provides an at-a-glance summary of the status of each device. This area also allows the administrators to create a new device, edit a device, add IP’s to a device and open device reports. Click here for more details.Account Status Information and SAQ Area
The Account Status Information Area displays the number of remaining scans and free IPs/Domains deserved by the administrator and also allows the administrator to purchase the service for more IPs. Click here for more details.
This area also allows the administrator to access the Self Assessment Questionnaire (SAQ) for their self-evaluation on compliance with the Payment Card Industry Data Security Standard (PCI DSS). Click here for more details.
Running Your First PCI Scan
Comodo HackerGuardian features a built-in Setup wizard for PCI scanning that provides the fastest and easiest way to add devices and to commence a PCI scan. The wizard is accessible from the interface after you login to your account.
1. Log In To HackerGuardian:
First step in configuring HackerGuardian PCI Scanning Service is to log into the online interface at http://www.hackerguardian.com. Enter the username and password you created during sign up in the 'Secure Account Login' box.
NOTE: During signup you created a Comodo account with a Username and Password. This Username and Password has dual functionality as it allows you to log into the HackerGuardian interface and your Comodo account. In order to log into HackerGuardian to configure the service, use the login box on www.hackerguardian.com (highlighted above). To login into your Comodo account, please use the login box at www.comodo.com.
After your username /password has been verified, you will be logged into the HackerGuardian administrators interface.
2. Launch Setup Wizard for PCI Scanning
Click the 'Help' tab from the Navigation bar to access the 'Help area'...
...and then click the link 'Launch Setup Wizard for PCI scanning'. The wizard allows you to configure and start the scan in just four simple steps.
Step 1 - Add Device to Scan
In order to run a PCI (or HackerProof) scan, you must first create a Device.
A HackerGuardian 'Device' is an umbrella term that describes a grouping of IP addresses and/or domains that are to be used as the target for a PCI, HackerProof or SiteInspector scan. HackerGuardian 'Devices' can be used to 'mirror' a real life device. For example, a single machine in your organization’s infrastructure may have multiple IP addresses (and domains) which host different services. The PCI DSS guidelines state that all these IP addresses and services must be scanned. By associating multiple IP addresses and domains to a single HackerGuardian 'Device', you can simulate your real-life device and scan it for PCI compliance in one pass. All customers must create a 'device' before PCI scanning can commence.
- When creating a device, HackerGuardian requires that you specify all the externally facing IP addresses/Domains belonging to your target server, host or other device.
- Click 'Add' if you want to add the next device. The device will be added to your HackerGuardian account and accessible from the Overview area.
- If you have finished adding new devices, click 'Next' to continue the wizard.
Note: You can also add new devices and edit existing devices from the Overview area of the interface. Click here for more details.
Step 2 - Schedule the PCI Scan
The next step is to schedule the scan if you wish to run the scan at a later time or periodically. This is optional. If you do not want to schedule the scan and want to run the scan instantly, just click 'Next' button to skip this step and go to Step 3.
If you want to schedule the scan, click 'Add New Schedule +' button.
- 1.Select the device on which you wish to schedule the scan from Select Device(s) drop-down box.
- Select the IPs/Domain pertaining to the selected device from Select IP(s) box. If you wish to scan all the IPs/Domains, select 'All'.
- Select the start date for the scan schedule by clicking the calendar icon beside 'Set Start Date' text box.
- Select the recurrence period.
- Daily - The scan will be performed once per day on the specified time.
- Weekly - The scan will be performed once in a week on the specified day and time.
- Monthly - The scan will be performed once in a month on the specified date and time.
- Quarterly - The scan will be performed once in three months on the specified date and time.
- Every N days - Scan will be performed once for every n days from the start date. For example, if you specified 2 then the scan will be performed on alternate days.
- Select the start time from the 'Set Start Time' drop-down combo box and select your time zone from the Time Zone drop-down box. The scan will be started on the set time at the scheduled dates according to your time zone.
- Click 'Save' to to apply your schedule.
- Click 'Next' to continue the wizard.
Note: You can always view/modify/delete the schedules from the Scheduled Scans area of HackerGaurdian interface. Click here for more details.
Step 3 – Configure PCI Scan Email Alert Options
HackerGuardian sends automated email notifications to administrators on events like commencement of manual/scheduled scans, results of scan and failure of scans. You can set your preferences for receiving the emails as you wish. If you do not want to have email alerts at this moment, Click 'Next' to go to Step 4. You can configure the alert notifications later by accessing the My Account area.
- Select the Email Alert Options as given in the table below:
Email Address Enter the email address to which you wish to receive the scan alert message in the text box below 'Email Address'. This address can be different from the Account Email and can belong to the administrator for the specific device/domain. Device Select the Device for which you wish to receive the scan alert message from the drop-down box below 'Device'. If you wish to have the alert message for all the devices, select 'All'. IP Addresses Select the IPs/Domains pertaining to the device selected, for which you wish to receive the scan alert message from the text box below 'IP Addresses'. If you wish to have the alert message for all the IPs/Domains, select 'All'. Options Select the event for which you wish to have email notification from the drop-down box below 'Options'. - Select the Global Alert Options
- Contact me if I have not performed a scan in 3 months – Selecting this option instructs HackerGuardian to send a remainder message for an on-demand scan to the Account Email address if the administrator has missed to perform a scan for three months.
- Contact me when new vulnerability plug-in are added – Selecting this option instructs HackerGuardian to send a notification email to the Account Email address whenever a new vulnerability plug-in is added to HackerGuardian, enabling the Administrator to deploy the plug-in in future scans.
- Click 'Add' if you want to configure email settings more devices/events.
- Click 'Next' to continue the wizard.
Note: You can always view/modify the email alert options from the My Account area of HackerGaurdian interface. Click here for more details.
The next step is to commence the PCI scan on a device.
- Select the device on which you wish to commence the scan from the 'Select Device(s)' box. If you want to run the scan for all the devices at once, select 'All'.
- Select the IPs/Domains in the next box. If you want to run the scan for all the IPs/Domains associated with the selected device at once, select 'All'.
- Click Finish to commence the scan. The scan will be initiated and you can see the progress in the 'Overview' area.
Note: You can also start scanning on any existing device from the 'Device List' area of the interface. Click here for more details.
Viewing Executive, Compliance and Vulnerability Reports
- To view the Executive scan Report, click the Executive Report button beside the device name.
- To view the PCI Compliance Report, click the Compliance Report button beside the device/IP/domain name.
- To view the Vulnerability Report, click the Vulnerability Report button beside the IP/domain name.
Refer to View PCI Scan Reports for more details.
