Access NCM firmware vulnerability settings
NCM imports the firmware vulnerability warnings provided by National Institute of Standards and Technology (NIST) and correlates vulnerabilities with managed nodes. Use the firmware vulnerability settings to specify when the matching logic runs or change the default import locations or alert threshold.
- Click Settings > All Settings.
- Under Product Specific Settings, click NCM Settings.
- Under Advanced, click Firmware Vulnerability Settings.
-
Adjust the settings as needed:
Setting Description Enable daily auto run of vulnerability matching logic Determines whether NCM automatically matches firmware vulnerability warnings with your devices to determine if any devices are affected. This option is enabled by default. Run at The time each day that NCM checks for devices affected by vulnerabilities. Run Now Checks for vulnerabilities on demand. Delete All Deletes all of the vulnerabilities currently found. Direct urls to json vulnerability announcements The location of the file that contains vulnerability data. In NCM 2023.3 and later, NCM retrieves this data from NIST using their API and stores it in a
.zip
file on solarwinds.com.To add additional vulnerability file locations, click Add New and specify the location.
CPE Match data feed url The URL of the CPE match data feed, which provides the product or platform applicability statement to CPE URI matching based on the CPEs in the official CPE dictionary. This is the same information displayed on the NIST website when you expand the matches for a match criteria.
Vulnerability alert score threshold The severity level that triggers an alert. The default is 5. - Click Submit.