Mapping Third-Party Product Fixes

If you map a fix name to a particular set of fixes in the database, you can then import data from a third-party patch management application and apply the fix to a set of hosts. When the fix name is imported to a host, the system marks all vulnerabilities addressed by the fix as invalid for that host.

Procedure

Step 1

Choose Policies > Application Detectors.

Step 2

Click User Third-Party Mappings.

Step 3

You have two choices:

  • Create — To create a new map set, click Create Product Map Set.
  • Edit — To edit an existing map set, click Edit (edit icon) next to the map set you want to modify. If View (View button) appears instead, the configuration belongs to an ancestor domain, or you do not have permission to modify the configuration.

Step 4

Enter a Mapping Set Name.

Step 5

Enter a Description.

Step 6

You have two choices:

  • Create — To map a third-party product, click Add Fix Map.
  • Edit — To edit an existing third-party product map, click Edit (edit icon) next to it. If View (View button) appears instead, the configuration belongs to an ancestor domain, or you do not have permission to modify the configuration.

Step 7

Enter the name of the fix you want to map in the Third-Party Fix Name field.

Step 8

In the Product Mappings section, choose the operating system, product, and versions you want to use for fix mapping from the following fields:

  • Vendor
  • Product
  • Major Version
  • Minor Version
  • Revision Version
  • Build
  • Patch
  • Extension

Example:

If you want your mapping to assign the fixes from Red Hat Linux 9 to hosts where the patch is applied, choose Redhat, Inc. as the vendor, Redhat Linux as the product, and 9 as the version.

Step 9

Click Save to save the fix map.