Set Up IBM DB2 Authentication

The Scans > Authentication section is where you'll find authentication records saved in your account, including IBM DB2 records. During scanning the service will authenticate to one or more DB2 instances on a single host using the DB2 records in your account. When there are multiple DB2 instances, you create a separate authentication record for each instance. 

See  below for help with the settings that appear in the IBM DB2 record.

Note: For the most current list of supported authentication technologies and the versions that have been certified for VM and PC by record type, please refer to the following article: Authentication Technologies Matrix

Quick Links: Why use host authentication


Few things to consider

What defines a DB2 instance?
For a vulnerability scan, an instance is defined uniquely by an IP address and port. For a compliance scan, an instance is defined uniquely by an IP address, port, and database name.

Show me an example of multiple DB2 records
Let's say you want to define these DB2 records in your account. In the table below, PC Only=Yes indicates that the check box “Use this record for Policy Compliance scans only” is selected in the record.

  IP Address Port Database Name PC Only
Record 1 10.10.31.178 50000 SAMPLE No
Record 2 10.10.30.159 50000 TOOLS No
Record 3 10.10.30.159 50000 SAMPLE Yes

 

Record 1 and Record 2 will be used for both vulnerability scans and compliance scans. Record 3 will be used for compliance scans only. You’ll notice that Record 2 and Record 3 have the same IP address and port but different database names - this is allowed because Record 3 is used for compliance scans only.

Will this record be used for vulnerability and compliance scans?

By default, DB2 records will be used for both vulnerability and compliance scans. You can select the check box "Use this record for Policy Compliance scans only" if you want this record to only be used for compliance scans.

What are the Steps

Follow these steps to create or edit an IBM DB2 record:

1) Review the  Setup for IBM DB2 Auth   | Setup for IBM DB2 for z/OS Auth setup guide for system and account requirements.

2) Go to Scans > Authentication.

3) Take one of these actions: 

3a - To create a new IBM DB2 record, select New > Databases > IBM DB2.

3b - To make changes to an existing IBM DB2 record, select a record in the list and choose Edit from the Quick Actions menu. 

4) The New IBM DB2 Record or Edit IBM DB2 Record window appears (depending on the action taken). This is where you will make your record settings.

5) Choose a tab on the left side of the IBM DB2 Record window to see the settings available. Provide the necessary inputs on each tab, then click Save.

IBM DB2 Record Settings

See the help below for the settings that appear on each of the tabs within the IBM DB2 record.

Note for Unit Managers: When a Unit Manager edits a record, the Unit Manager only sees the IPs in the record that they have permission to. Any changes made by the Unit Manager to the record settings will apply to all hosts defined in the record, regardless of whether all hosts belong to the user's business unit. The record may contain more IPs that are not visible to the Unit Manager.

Record Title

Login Credentials

Windows Parameters (PC only)

Unix Parameters

IPs

Comment