1. Kenna FAQ
  2. General
  3. Security Tool/Vulnerability Scanner Connectors

Hosted Toolkit

The Kenna Toolkit is a containerized framework that allows Kenna engineers, customers and partners to develop data ingestion services for a wider array of scanning sources. The Toolkit framework is an open-source library of services that translate scanner vulnerability data to the Kenna Data Importer format. 

Information on the Toolkit and instructions for running the container in a local environment can be found on the public Toolkit GitHub Site. Customers can run the Toolkit on their local container environment, allowing for complete control of secret storage, parameter changes, resource allocation and scheduling. As this option is not always viable, we have created the Kenna Hosted Toolkit where customers can have the container configured and run by Kenna. 

Purpose

Some customers do not have the needed infrastructure to support running the toolkit within their own environment or simply prefer to have it hosted along with their Kenna SaaS instance.

Limitations

  • The Toolkit Tasks/Connectors are configured by Kenna and customers will not have direct access to configuration or scheduling. 
  • Toolkit processing is monitored by Kenna Engineering and when a connector run fails, the administrator specified during setup will receive an email with remediation instructions.
  • All requests to change parameters or scheduling must be submitted in a support ticket. 
  • Only API-Based Toolkit tasks are available for the hosted service. Kenna does not currently support any file-based data sources.

Before You Begin

  1. On the Toolkit GitHub Site review the parameter and authentication requirements for the Task you want to implement. 
  2. To safely share passwords/keys with Kenna Support, the Cisco Secure Doc Exchange is used. This requires you to create a login with Cisco if you don't already have one. Go to www.cisco.com and click on "Log In/Sign up" to create an account. You will receive a confirmation email and your account will not be active until you have clicked on the link provided.  You can also contact our Support Team to help you set up access and a folder for the Cisco Secure Doc Exchange tool.

    blobid0.png

  3. If possible, run a local docker instance to confirm all the needed/desired parameters settings. This will smooth the implementation and reduce the number of iterations needed when setting up the container with Kenna Support.

Implementing a Hosted Toolkit Service

  1. Create a new Kenna Data Importer (KDI) connector for each toolkit task. Note the connector ID.
  2. Open a support ticket requesting hosting for the specific task (scanner) being implemented.
    • Let support know which email address is registered with cisco.com on the Cisco Secure Doc Exchange.
    • Inform support of your desired connector run schedule. The default run is daily.
  3. Look out for an email from Kenna giving you access to a folder on the Cisco Secure Doc Exchange.
  4. Upload the file containing secrets and/or all parameter values to the folder in the Cisco Secure Doc Exchange. Non-Secret values can be shared directly in the support ticket if desired. The file should contain:
    • Scanner credentials/keys
    • Desired parameters if different from the default
    • The Kenna API Key to be used
    • The Connector ID to receive the data

Service Details

The Hosted Toolkit Service is run within the Kenna AWS cloud environment. Data is retrieved from the scanning services, transformed, and pushed to the customer's Kenna instance. Data temporarily stored during the transformation process is destroyed with the container object at the end of each scheduled run. Credentials, such as passwords and keys, are stored in the AWS Secrets store.

Connector Run Failures

Every time the Hosted Toolkit runs, it pushes data into Kenna. If a connector run fails, the administrator specified during setup will receive an automated email notification with additional details and follow up questions. The administrator should review these questions and will be directed back to this help article to review the remediation steps for each question prior to submitting a support ticket.

Important: Email notifications about failed connector runs will be sent every time your connector run fails.

Remediation Steps

To Discontinue this Connector

If you no longer need this connector's data to be ingested and would like to stop receiving failure notifications, please let our Kenna Support Team know by replying to this email or filing a ticket from the Kenna Help Center.

 

To Fix Scanner Credentials that Changed

Please verify if any recent changes were made to the account credentials that Kenna uses to access the data from your scanner. If so, please let our Kenna Support Team know by replying to the connector failure email or filing a ticket from the Kenna Help Center. Please attach the latest email failure notification with the time stamps in the header.  

Important: Please DO NOT send any credentials in an email or include them in tickets!  Use the Cisco Secure Doc Exchange outlined in the above section "Before You Begin".

To Fix Scanner Settings that Changed

Please verify if any changes were recently made to the account that Kenna uses to access your scanner data. If so, you will need to contact your scanner administrator and ask them to restore the settings for the account utilized by Kenna. If you need any additional assistance with this, please let our Kenna Support Team know by replying to the connector failure email or filing a ticket from the Kenna Help Center. Kenna Support may be able to assist with verifying the impacts of the recent changes to the connector settings. 

Important: Kenna is not responsible for supporting your scanner or scanner data, but in cases of data and data format related issues, Kenna Support can work with your scanner administrator to help narrow down the issue at hand.

For Kenna Support to be able to assist with data and data format related issues, you will have to provide a recent raw data file produced by your scanner for ingestion into Kenna.  Please DO NOT email it or include the file in a support ticket. Use the Cisco Secure Doc Exchange outlined in the above section "Before You Begin". Please be sure to include the same raw data file that caused the error when loaded into Kenna.  

To Fix any Scanner Errors

If you see any errors logged by the scanner, please let our Kenna Support Team know by replying to the connector failure email or filing a ticket from the Kenna Help Center. Kenna Support may be able to assist with correlating the scanner errors with the failed connector runs.

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

See more