It is recommended that you use a dedicated server or VM to run the Kenna Agent. Please make sure that your firewall rules allow the Kenna Agent to talk to your internal connectors as well as reach out to Cisco Vulnerability Management.
These scanners are currently supported:
Important: The machine must have network access to your scanner and the Kenna Security API.
After Installing the Agent, Start and Enable the Agent:
$ sudo systemctl start kenna-agent
$ sudo systemctl enable kenna-agent
$ sudo systemctl status kenna-agent
$ kenna-agent check
Make sure that the url referenced in the output from the kenna-agent check reflects the url of the environment where your instance is hosted. For most customers, this will be: "https://api.us.kennasecurity.com"
If you find any misconfigured parameter from the kenna-agent check command output. Stop the agent by following the below commands and make the important changes then start, enable and check the Kenna agent status and config details again.
To stop the agent and make the necessary changes:
$ sudo systemctl stop kenna-agent
Then go run the commands above again to start, enable, and check on the status.
Run the Connector from the Command Line
When the configuration looks good, run the connector from the command line from a personal machine.
$ kenna-agent oneshot
Important: Cisco Vulnerability Management cannot schedule or initiate a connector that is going through the agent from the UI as the connection can be only established from the customer’s end. Customer must run the “kenna-agent oneshot” command which should start a connector run or customer can wait for the scheduled connector to kick in.