View Categories

Saner Administration Guide

Print Friendly, PDF & Email

The Saner platform equips IT teams with tools to keep devices up to date and protect infrastructure from cyberattacks. To manage the Saner platform effectively, IT administrators must perform specific tasks.

The Control Panel page offers features that help IT administrators and security teams:

a. Create organizations and accounts
b. Add new users and update existing user permissions
c. Discover and manage devices

This guide provides the information you need to use the Control Panel page and manage your Saner platform efficiently.

Access Control Panel

1. Sign in to the Saner web console as an Admin, Org Admin, or Account Admin.

2. Select the Control Panel icon located on the right side of the Unified Dashboard page.

The Control Panel page displays a navigation panel on the left, listing all available features grouped into the following sections:

a. Organization and account management
b. Users
c. Discovery
d. Deployment
e. Scanners
f. Settings

Organization and account management

In Saner, an organization is a dedicated space that can contain one or more accounts. An account includes devices, device groups, and user groups managed by the Account Admin. After installation, the Saner Agent automatically assigns the device to the appropriate account.

List all organizations

User access level:
You must be signed in as an Admin or Organization Admin to view all organizations.

On the Control Panel page, select the drop-down menu next to the organization icon, and then select All Organizations.

The All Organizations page appears on the right side of the screen. It displays the total number of organizations, as well as the number of subscriptions assigned and the number of subscriptions available.

Each square tile on the All Organizations page represents an existing organization and displays the following information:

a. Organization name
b. Organization admin’s email address
c. Number of subscriptions used
d. Number of subscriptions available

AttributeDescription
Name(Required) The name of the organization.
Allowed subscriptions
(Required) The total number of subscriptions assigned to the organization.
Expiry date(Required) The date the organization expires. When it expires, all associated accounts also expire.
Tools provisionThe Saner tools assigned to the organization.

Add an organization

User access level:
You must be signed in as an Admin or Organization Admin to add an organization.

1. Sign in to the Saner web console.

2. Go to the Control Panel page.

3. Select the drop-down menu next to the organization icon, and then select All Organizations.
The All Organizations page appears on the right side.

4. Select New Organization.
The Onboard Your Organization page appears.

5. In the Organization Name box, enter a name that meets the following criteria:

  • Between 4 and 50 characters.
  • May include letters, numbers, hyphens (-), underscores (_), and periods (.).

5. In the Allowed Subscriptions box, enter the number of subscriptions to assign to the organization.
The total number of available subscriptions appears in red above the Allowed Subscriptions box.

6. In the Expiry Date box, select the expiration date for the organization.

7. In the Select Products box, select the Saner tools to assign.
Tools you’ve subscribed to are selectable; unsubscribed tools appear dimmed.

8. Select ONBOARD ORGANIZATION.

Saner creates the organization, and the newly created organization appears on the All Organizations page.

Note:
During organization creation, Saner automatically creates an account within the organization.

Modify an organization

User access level:
You must be signed in as an Admin or Organization Admin to modify an organization.

1. Sign in to the Saner web console and go to the Control Panel page.

The Control Panel page appears.

2. Select the drop-down menu next to the organization icon and then select  All Organizations.

The All Organizations page appears on the right side.

3. Hover over the organization you want to modify

The Edit and Delete button appears.

4. Select Edit.

The Modify Organization Preferences page appears.

5. On the Modify Organization Preferences page, you can update the following attributes:

  • Organization Name
  • Email ID
  • Organization Identity
  • Allowed Subscriptions
  • Expiry Date
  • Provision Tools

6. Select Update after making your changes

Saner saves the updates to the organization.

Delete an organization

User access level:
You must be signed in as an Admin or Organization Admin to delete an organization.

1. Sign in to the Saner web console and go to the Control Panel page.

The Control Panel page appears.

2. Select the drop-down menu next to the organization icon and then select  All Organizations.

The All Organizations page appears on the right side.

3. Hover over the organization you want to modify

The Edit and Delete button appears.

4. Select

5. In the Delete Organization confirmation dialog, select Delete.

Saner deletes the organization.

Important:
Deleting an organization also deletes all accounts associated with it, along with their data, from Saner.
The Saner Agents installed on devices linked to the deleted accounts enter an inactive state and must be uninstalled manually.

List accounts

User access level:
You must be signed in as an Admin or Organization Admin to list an account.

1. Sign in to the Saner web console, and go to the Control Panel page.

The Control Panel page appears.

2. Select the drop-down menu next to the icon and and then choose the organization you want to work with.

The Accounts page appears on the right side and lists all accounts associated with the selected organization.

The Accounts page displays a table with the following information:

Column NameDescription
Account NameThe name of the account.
Email Id
The sign-in ID of the account administrator.
SubscriptionThe number of subscriptions used by the account.
Saner supports two subscription types: Auto Increment and Custom. In the Auto Increment type, Saner automatically assigns a new subscription to each Saner Agent until all available subscriptions are used. In the Custom type, Saner assigns subscriptions from a specified pool
Expiry DateThe date the account expires.
An account cannot remain active beyond the organization’s expiry date. If an account is expired, it appears with the label Expired in red.
ActionThe actions you can perform on the account. These include editing, deleting, and viewing account details.
Mail Settings,
Edit Account Details,
Delete an Account, and
Dive into an Account.


The total number of accounts in the selected organization, the number of subscriptions in use, and the number of available subscriptions appear above the account details table..

Add an account

User access level:
You must be signed in as an Admin or Organization Admin to create an account.

1. Sign in to the Saner web console, and go to the Control Panel page.

The Control Panel page appears.

2. Select the drop-down menu next to the icon and select the organization you want to work with.

The  Accounts page appears on the right side.

3. In the  Account Name box, enter a name for the account.

The account name must meet the following criteria:

  • Contain at least 3 characters and no more than 127 characters.
  • Use only alphanumeric characters and the following special characters:
    - (hyphen), _ (underscore), and . (period).

4. In the Email ID box, enter the email address where account-related alerts and reports should be sent.

5. Under Allowed Subscriptions, select either Auto Increment or Custom as the subscription type.

6. To automatically update Saner Agents to the latest version, turn on Agent auto update.

7. To require a password during Saner Agent uninstallation, turn on Password protect agent, and then enter a password.

8. Select Create.

  Saner creates the account, which then appears on the Accounts page.

Note:
All Saner tools provisioned for the parent organization are automatically assigned to the account during creation. To change the tools provisioned for the account, modify the account preferences.

Modify an account

User access level:
You must be signed in as an Admin or Organization Admin to modify an account.

1. Login to the Saner web console and access Control Panel.

The Control Panel page appears.

2. Click the drop-down menu next to the icon and select the organization you want to work with.

The  Accounts page appears on the right side.

3. In the Accounts table, under the  Action column, click to the right of the account you want to modify.

The Modify Account Preferences page appears.

4. Make the required changes. Click  Update to save the modifications you made to the account.

 Saner updates the account preferences.

Delete an Account

User access level:
You must be logged in as an Admin/Organization Admin to delete an Account.

1. Login to the Saner web console and access Control Panel.

The Control Panel page appears.

2. Click the drop-down menu next to the icon and select the organization you want to work with.

The  Accounts page appears on the right side.

3. In the Accounts table, under the Action column, click to the right of the account you want to delete.

4. Click Delete on the Delete Account confirmation message.

Saner deletes the account.

Users

A role in Saner determines actions a user can perform using Saner tools. Saner comes with three built-in roles.

Roles

RoleDescription
AdminBy default, the admin role gets created during the initial onboarding of an enterprise. The admin user has complete access to create organizations and accounts and perform all types of administrative tasks using Saner tools. You can’t transfer the admin role to other users in Saner.
Organization AdminAn organization admin has complete access to an organization and can perform all administrative tasks
Account AdminAn account admin has complete access to an account and can perform administrative tasks with an account.
Normal User (Full Access)A normal user can perform operations such as Create, Modify, and Delete using the tools provisioned for access. However, a normal user can’t access the Control Panel to perform tasks such as User Management, Deployment, and Settings.
Normal User (Read-Only)A normal user with read-only access can only perform read-only operations using Saner tools. This type of user can’t perform operations such as Create, Modify, and Delete using any Saner tools. Also, these users don’t have access to the Control Panel page to perform tasks related to User Management, Deployment, and Settings.
Tool/Feature Actions Allowed Admin Organization Admin Account Admin Normal User (Full Access) Normal User (Read-Only Access)
Control Panel Create New User ✓ ✓ ✓ ✓ ✓
Edit User ✓ ✓ ✓ ✓ ✓
Enforce MFA ✓ ✓ ✓ ✓ ✓
Enforce SSO Authentication ✓ ✓ ✓ ✓ ✓
Enable API Key ✓ ✓ ✓ ✓ ✓
Delete User ✓ ✓ ✓ ✓ ✓
Device Discovery ✓ ✓ ✓ ✓ ✓
Active Directory Sync ✓ ✓ ✓ ✓ ✓
Device Import ✓ ✓ ✓ ✓ ✓
Agent Deployment ✓ ✓ ✓ ✓ ✓
Create/Edit/Delete Agent Configuration ✓ ✓ ✓ ✓ ✓
Network Scanner ✓ ✓ ✓ ✓ ✓
Posture Anomaly Scanner ✓ ✓ ✓ ✓ ✓
Risk Prioritization Scanner ✓ ✓ ✓ ✓ ✓
Create/Modify Integration Settings ✓ ✓ ✓ ✓ ✓
Create/Modify Mail Settings ✓ ✓ ✓ ✓ ✓
Create/Modify Co-Branding ✓ ✓ ✓ ✓ ✓
Saner VM Exclude ✓ ✓ ✓ ✓ ✓
Remediate ✓ ✓ ✓ ✓ ✓
Patch Approval ✓ ✓ ✓ ✓ ✓
Saner CM Import ✓ ✓ ✓ ✓ ✓
Create New Benchmark ✓ ✓ ✓ ✓ ✓
Apply Selected Configurations ✓ ✓ ✓ ✓ ✓
Approve/Reject Selected Patches ✓ ✓ ✓ ✓ ✓
Revert Selected Patches ✓ ✓ ✓ ✓ ✓
Create Automation Rule ✓ ✓ ✓ ✓ ✓
Rollback Patches ✓ ✓ ✓ ✓ ✓
Remove Device ✓ ✓ ✓ ✓ ✓
Reboot Device ✓ ✓ ✓ ✓ ✓
Filter applicable tasks ✓ ✓ ✓ ✓ ✓
Pause applicable tasks ✓ ✓ ✓ ✓ ✓
Resume applicable tasks ✓ ✓ ✓ ✓ ✓
Stop applicable tasks ✓ ✓ ✓ ✓ ✓
Delete tasks ✓ ✓ ✓ ✓ ✓
Saner PM Request for Patch Approval ✓ ✓ ✓ ✓ ✓
Exclude ✓ ✓ ✓ ✓ ✓
Apply Selected Patches ✓ ✓ ✓ ✓ ✓
Approve/Reject Selected Patches ✓ ✓ ✓ ✓ ✓
Revert Selected Patches ✓ ✓ ✓ ✓ ✓
Create Automation Rule ✓ ✓ ✓ ✓ ✓
Rollback Patches ✓ ✓ ✓ ✓ ✓
Remove Device ✓ ✓ ✓ ✓ ✓
Reboot Device ✓ ✓ ✓ ✓ ✓
Filter applicable Tasks ✓ ✓ ✓ ✓ ✓
Pause applicable Tasks ✓ ✓ ✓ ✓ ✓
Resume applicable Tasks ✓ ✓ ✓ ✓ ✓
Stop applicable Tasks ✓ ✓ ✓ ✓ ✓
Delete Tasks ✓ ✓ ✓ ✓ ✓
Saner EM Checks ✓ ✓ ✓ ✓ ✓
Actions ✓ ✓ ✓ ✓ ✓
Delete Job ✓ ✓ ✓ ✓ ✓
Saner AE Add/Edit New Asset Licenses ✓ ✓ ✓ ✓ ✓
Add/Edit New Asset Listing (Blacklist/Whitelist) ✓ ✓ ✓ ✓ ✓
Upload from CSV (Blacklist/Whitelist) ✓ ✓ ✓ ✓ ✓
Saner PA All Anomalies ✓ ✓ ✓ ✓ ✓
Configure ✓ ✓ ✓ ✓ ✓
Whitelist ✓ ✓ ✓ ✓ ✓
Custom Rules ✓ ✓ ✓ ✓ ✓
Saner RP Remediate ✓ ✓ ✓ ✓ ✓
Configuration ✓ ✓ ✓ ✓ ✓
Device Management Scan Now ✓ ✓ ✓ ✓ ✓
Create/Modify/Delete Groups ✓ ✓ ✓ ✓ ✓
Create/Modify Pin for devices ✓ ✓ ✓ ✓ ✓
Create/Modify/Delete Tags for devices ✓ ✓ ✓ ✓ ✓
Disable/Enable Device ✓ ✓ ✓ ✓ ✓
Move Device ✓ ✓ ✓ ✓ ✓
Delete Device ✓ ✓ ✓ ✓ ✓
Uninstall Agent ✓ ✓ ✓ ✓ ✓
Alerts Create/Modify Alerts ✓ ✓ ✓ ✓ ✓
Reports Create New Report ✓ ✓ ✓ ✓ ✓
Download Report ✓ ✓ ✓ ✓ ✓
Email Report ✓ ✓ ✓ ✓ ✓
Saved Reports ✓ ✓ ✓ ✓ ✓
Account Report APIs ✓ ✓ ✓ ✓ ✓
Organization Report APIs ✓ ✓ ✓ ✓ ✓

List All Users

User access level:
You must be logged in as an Admin/Organization Admin to list all the users.

1. Login to the Saner web console and access Control Panel.

The Control Panel page appears.

2. Click Users.

The Users page appears.

The Users page contains the user’s table with the below information.

Column Name Description
Login IDThe email address of the user.
NameThe name of the user.
RoleThe role assigned to the user.
User GroupThe name of the user group to which the user belongs.
Managing OrganizationsIf the user is an organization administrator, the organizations the user has permission to manage are displayed. If the user is an account administrator, the accounts the user has permission to manage are displayed.
Managing AccountsThe accounts that the user has permission to manage.
ActionThe actions a user can perform on the Organizations/Accounts they have permission to. The following actions can be performed on the account.
Enforce SSO Authentication
Enforce Multifactor Authentication
Modify User Preferences
Delete User

Add a user

User access level:
You must be logged in as an Admin/Organization Admin/Account Admin to list add an user.

1. Login to the Saner web console and access Control Panel.

The Control Panel page appears.

2. Click Users.

The Users page appears.

3. Click  New User.

   The  New User window appears.

4. In the  Login Id box, provide the email address that will be used to log in to the Saner web console.

5. In the Name box, provide a name for the user account.

6. In the User Group box, provide the name of the user group that the user account will be part of.

7. In the  SSO Policy drop-down box, select the SSO policy.

8. In the  Password box, provide the password.

The password should meet the below criteria:

Password must have one number, one lowercase character, one uppercase character, and one special character.

Password must have a minimum of eight characters and should not exceed more than 100 characters.

9. In the Confirm Password box,  re-type the password you entered.

10. In the MFA Policy drop-down box, select the policy you have created.

11. In the Role drop-down box, select the role you want the user to have.

12. In the Managing Organizations drop-down box, select the organizations the user should have access to.

13. In the Manage option box, choose the level of access you want the user to have.

14. Click Create.

 Saner creates the user, and it appears on the Users page.

Modify a User

User access level:
You must be logged in as an Admin/Organization Admin to modify a user.

1. Login to the Saner web console and access Control Panel.

The Control Panel page appears.

2. Click Users.

The Users page appears.

3. In the Users table, under theA ction column, click to the right of the user account you want to modify.

The Modify User Preferences page appears.

4. You can modify all the information on the Modify User Preferences page except for the Login Id information.

5. Click Update.

Saner updates the user account preferences.

Delete a User

User access level:
You must be logged in as an Admin/Organization Admin to delete a user.

1. Login to the Saner web console and access Control Panel.

The Control Panel page appears.

2. Click Users.

The Users page appears.

3. In the Users table, under the Action column, click to the right of the user account you want to delete.

4. Click Delete on the Delete User confirmation message.

Saner deletes the user.

Authentication

You can use two-factor authentication to secure your Saner login. Saner supports Single-Sign-On and Multi-factor authentication.

Single Sign-On

User access level:
You must be logged in as an Admin/Organization Admin/Account Admin to configure SSO.

You can configure SSO to log on to Saner. Any SSO vendor that supports OAuth 2.0 can be used with Saner.

Refer to the below SSO Vendor Guides.

Multi-Factor

User access level:
You must be logged in as an Admin/Organization Admin/Account Admin to configure MFA.

You can configure Multi-factor authentication to secure Saner logins. By default, Saner supports the Authenticator App for MFA. You can configure any MFA provider to use with Saner.

Configure MFA

You can configure Multi-factor authentication to secure Saner logins. By default, Saner supports the Authenticator App for MFA.

Refer to the MFA Guide to learn more about configuring MFA with Saner.

Deployment

Saner’s Deployment section contains features that allow you to discover devices on your network and import devices using a JSON/CSV file or from an Active Directory environment.

At the same time, the Deployment section provides Saner Agent installers for different operating systems platforms. It provides an  Offline Deployer tool that can be used to deploy Saner Agents on devices.

Also, the Deployment section has Saner Network Scanner – that helps you to identify vulnerabilities and misconfigurations across all IP-enabled devices in your network.

Device Discovery

The  device discovery scanner helps you discover devices that exist in your network. You can specify an IP address or a range of IP addresses for the device discovery scanner to search for devices in your network. The  device discovery scanner lists all the discovered devices on the Device Discovery page.

You can configure the periodic discovery scan to run Daily, Weekly, and Monthly.

You must have an active Saner Network Scanner in your account to discover devices using the device discovery feature. Refer to the Saner Network Scanner User Guide to learn how to designate a device as a network scanner.

Discover Devices

User access level:
You must be logged in as an Admin/Organization Admin/Account Admin to run device discovery.

1. Login to the Saner web console and access Control Panel.

The Control Panel page appears.

2. Click the drop-down menu next to the icon and select the organization you want to work with.

3. Click Device Discovery. (  Deployment –>Discovery–>Device Discovery)

  The Device Discovery page appears on the right side.

4. In the Network Scanner drop-down menu, select the scanner you want to use to discover devices.

In the Target IP Address box, provide an IP address or an IP address range. You can also specify the IP addresses using a CIDR notation.

5. Click Discover.

 The device discovery scanner scans the provided IP address/IP address range and lists all the found devices in the  Discovered Devices table. The Discovered Devices table shows the Hostname, IP address, and Operating system of the discovered devices. A checkbox appears to the left of the Hostname in the  Discovered Devices table. You can click the checkboxes next to the devices you want to add to Saner.

6. Above the Discovered Devices table, click Add to add the selected devices to Saner. All the selected devices appear on the  Unmanaged Device page.

Device Import

The Device Import feature in Saner allows you to import devices into Saner . You must provide the device details in CSV (Comma Separated Values) or JSON format and import the devices.

The details below must be provided when importing the devices into Saner.

  • Name
  • IP Address
  • Mac Address
  • Group
  • TagKey1
  • TagKey2

Values Description
NameThe hostname of the device.
IP AddressThe IP address of the device.
Mac AddressThe mac address of the device.
GroupThe device group to which the device belongs.
TagKey1Specify a tag for the device.
TagKey2Specify a tag for the device.
Note:
You can specify multiple tags for a device during the device import. To add a new tag to a device in a JSON format, add a new value to the TagKey key. Similarly, in CSV format, add a new column, TagKey, and specify a new value.

Import Devices

User access level:
You must be logged in as an Admin/Organization Admin/Account Admin to import devices.

1. Login to the Saner web console and access Control Panel.

The Control Panel page appears.

2. Click the drop-down menu next to the icon and select the organization you want to work with.

3. Click Device Discovery. (  Deployment –>Discovery–>Device Import)

  The Device Import page appears on the right side.

4. On the Device Import page, select the account from the drop-down box you want to work with.

5. Click Sample CSV or Sample JSON to download the sample template.

6. Fill the device details in the downloaded template (CSV/JSON) file.

7.Click Select File.

  The File browser window opens. Locate the CSV/JSON file using the File browser window.

 8. Click Import.

Saner successfully imports the device to Unmanaged Devices.

Important:
When importing a device into Saner, ensure the following conditions are met:
a. Ensure the name of the device is unique.
b. The IP address and Mac address are in the correct format.
The Import button is disabled if the above conditions are not met.

Agents

Saner provides lightweight agents that can be installed on Windows, Linux, IBM AIX, and Mac systems.

Agent Deployment

User access level:
You must be logged in as an Admin/Organization Admin/Account Admin to download and deploy Saner Agents.

The Agent Deployment page provides Saner installers for the below operating systems.

  • Windows
  • Linux (Debian and RPM)
  • MacOS
  • IBM AIX

You can download the installer directly and install the Saner Agent on the device. Also, you can generate a download link that can be used to install Saner Agent on a device.     

Refer here to learn about the operating systems on which Saner Agent can be installed.

Installing Saner Agent

You can install Saner Agent graphically or using a command-line interface. Refer the link below to learn more on installing Saner Agent.

https://saner.secpod.com/docs/Agent-Installation-Help-Guide.html?activeTab=Agent%20Installers

You can also use Offline Deployer tool to install Saner Agent on a device. Refer the link below to learn more on how to user Offline Deployer to deploy Saner Agents.

https://saner.secpod.com/docs/Agent-Installation-Through-Saner-Deployer.html?activeTab=Offline%20Deployer

Agent Configuration

The  Agent Configuration page allows you to create/modify configuration settings for the Saner Agent.

You can configure the Agent configuration settings mentioned below.

  • Scan
  • Schedule
  • Remediate
  • Network
  • Upgrade
  • Language
  • Logs
Note:
Saner creates  Default settings for Saner Agent that cannot be modified or deleted and is applied to all the groups. If you want to specify new settings for Saner Agent, you must create new agent settings and apply them to the device groups you want.
Create Saner Agent Settings
User access level:
You must be logged in as an Admin/Organization Admin/Account Admin to create Saner Agent settings.

1. Login to the Saner web console and access Control Panel.

The Control Panel page appears.

2. Click the drop-down menu next to the icon and select the organization you want to work with.

3. Click Agent Configuration. (  Deployment –>Discovery–>Agents–>Agent Configuration)

  The Agent Settings page appears on the right side.

4. Select the account you want to work with from the drop-down menu on the Agent Settings page.

5. Click Create Settings.

The Create Settings page appears on the screen.

6. Click the  Scan tab on the left side of the Create Settings page.

7. In the  Scan mode drop-down box, choose the scan mode you want.

7.1 If you chose Scan mode as Low, specify the CPU threshold. You can use the slider to allocate the percentage of CPU that should be used during the scan.

7.2 In the Scan for vulnerability box, drag the slider to the right if you want Saner Agent to perform a vulnerability scan. You can drag the slider to the left if you want Saner Agent not to perform a vulnerability scan.

7.3 In the Scan for compliance box, drag the slider to the right if you want Saner Agent to perform a compliance scan. You can drag the slider to the left if you want Saner Agent not to perform a compliance scan.

7.4 In the  Behavior when scan is missed drop-down box, you can choose from the following options:

  •  As soon as it detects a missed scan. Saner Agent starts a scan immediately when it detects a scan is missed.
  • Postpone by x hours. You can configure Saner Agent to start a scan after the ‘x’ number of hours after the device reboots.
  • As per the next scheduled scan. You can configure Saner Agent to start the scan as per the following scheduled scan.

8. Click the  Schedule tab.

8.1 In the Download drop-down box, choose when you want Saner Agent to download security content.

8.2 In the Scan drop-down box, choose when you want Saner Agent to start the scan.

8.3 In the  Agent Messaging drop-down box, select the type of messaging you want Saner Agent to use. You can choose between Live and  Poll.

9. Click the Remediate tab.

9.1 In the  Vendor products patch server drop-down box, choose the server type. You can choose between the Default Server or  Default with Alternate/Secondary Microsoft Patch Server.

If you choose Default with an Alternate/Secondary Microsoft Patch Server, you must specify the path for the secondary server in the  Secondary Patch Server. You must also specify the condition under which the Saner Agent should contact the secondary patch server. You can choose between  Default Server Connect or Patch Search fails.

9.2 In the  Third-party products patch server drop-down box, you can choose between Default or  Local.

If you choose Local, the Saner Agent will contact the repository configured locally. You can connect to the local repository using HTTP, HTTPS, or FTP protocol.

9.3 In the enter URL box, provide the URL for the local repository.

9.4. In the  Buffer Patches box, slide the slider to the right to enable buffering of patches.

9.4.1. In the Maximum cache size limit box, specify the buffer cache size in MB.

9.4.2. In the  Maximum buffering speed box, specify the buffering speed in percentage.

10. Click Network.

10.1. Click  Enable proxy if you use a proxy in your environment.

10.2. In the Proxy Host Name box, provide the proxy server’s hostname.

10.3. In the  Proxy Port box, provide the port number associated with the proxy server.

10.4. Click  Authenticate if your proxy server uses authentication.

10.5. In the User ID box, provide the username to authenticate to the proxy server.

10.6. In the Password box, provide the password to authenticate to the proxy server.

11. Click  Upgrade.

11.1. In the  Agent upgrade box, you can choose between Automatic and  Disabled.

11.2. If you select  Automatic, Saner Agents will automatically be upgraded to the latest version.

11.3. If you select Disabled, Saner Agents won’t be upgraded to the latest version.

12. Click Logs.

12.1. In the Log Type box, you can choose between  Audit and Debug log type.

Saner Agent saves minimal logs if you choose the log type as  Audit.

Saner Agent saves detailed logs if you choose the log type as  Debug.

13. In the  Settings Name box, provide a name for the Saner Agent settings.

14. In the Settings  Description box, provide a description for the Saner Agent settings.

15. In the  Select groups drop-down box, select the groups to which you want the Saner Agent settings to be applied.

16. Click Create.

Saner creates the agent settings and displays them on the  Agent Settings page.

Edit Saner Agent Settings
User access level:
You must be logged in as an Admin/Organization Admin/Account Admin to edit Saner Agent settings.

1. Login to the Saner web console and access Control Panel.

The Control Panel page appears.

2. Click the drop-down menu next to the icon and select the organization you want to work with.

3. Click Agent Configuration. (  Deployment –>Discovery–>Agents–>Agent Configuration)

  The Agent Settings page appears on the right side.

4. Select the account you want to work with from the drop-down menu on the Agent Settings page.

5. On the Agent Settings page, click  in the Edit column next to the agent settings you want to edit.

The (save), (cancel), and (delete) buttons appear.

The Description and Applied Groups boxes are enabled for changes.

6. Click the settings name under the Name column to modify the agent settings.

The Update Settings page appears.

7. Modify the configuration settings as per your requirements.

8. Click Update.

Saner updates the agent configuration settings.

Delete Saner Agent Settings
User access level:
You must be logged in as an Admin/Organization Admin/Account Admin to delete Saner Agent settings.

1. Login to the Saner web console and access Control Panel.

The Control Panel page appears.

2. Click the drop-down menu next to the icon and select the organization you want to work with.

3. Click Agent Configuration. (  Deployment –>Discovery–>Agents–>Agent Configuration)

  The Agent Settings page appears on the right side.

4. Select the account you want to work with from the drop-down menu on the Agent Settings page.

5. On the Agent Settings page, click  in the Edit column next to the agent settings you want to delete.

The (save), (cancel), and (delete) buttons appear.

6. Click

7. Click OK on the confirmation message.

Saner deletes the agent configuration settings.

Network Scanner

Saner Network Scanner helps you identify vulnerabilities and misconfigurations across all IP-enabled devices in your organization. To do this, you don’t have to invest in additional hardware.

Network Scanner scans your network by leveraging the endpoints in your network. Saner’s Network Scanner is built on a hub and spoke model – which effectively reduces the scan time required to scan and discover vulnerabilities in your network – making the entire process seamless and continuous.

Refer Saner Network Scanner User Guide to learn more.

Authentication

You can use two-factor authentication to secure your Saner login. Saner supports Single-Sign-On and Multi-factor authentication.

Single Sign-On

User access level:
You must be logged in as an Admin/Organization Admin/Account Admin to enforce SSO authentication for user accounts in Saner CVEM.

You can configure SSO to log on to Saner. Any SSO vendor that supports OAuth 2.0 can be used with Saner.

Refer to the below SSO Vendor Guides.

Multi-Factor

User access level:
You must be logged in as an Admin/Organization Admin/Account Admin to enforce Multi-factor authentication on user accounts in Saner CVEM.

You can configure Multi-factor authentication to secure Saner logins. By default, Saner supports the Authenticator App for MFA. You can configure any MFA provider to use with Saner.

Configure MFA

You can configure Multi-factor authentication to secure Saner logins. By default, Saner supports the Authenticator App for MFA.

Refer to the MFA Guide to learn more about configuring MFA with Saner.

Settings

The Settings section in Saner includes features for configuring a mail server and uploading a custom logo.

Use Mail Settings to configure a mail server for sending alerts and notifications to specified recipients.

Use Co-Branding to upload your organization’s logo, which appears in the Saner web console.

Mail Settings

The Mail Settings feature supports two authentication types: Basic and OAuth.

Configure Mail Settings (Basic)

User access level:
You must be signed in as an Admin or Organization Admin/Account Admin to configure OAuth mail settings.

1. Sign in to the Saner web console, and then go to the Control Panel.
The Control Panel page appears.

2. Select the drop-down menu next to the icon and and then choose the organization you want to work with.

3. Select Deployment > Settings > Mail.
The Mail Settings page appears.

4. Select New Mail Settings in the upper-right corner of the Mail Settings page.
The New Mail Settings window appears..

5. In the SMTP Host box, enter the host name or IP address of the SMTP server (for example, smtp.example.com).

6. In the SMTP Port box, enter the port number for the SMTP server.

7. In the SSL Trust list, select the SSL option your email server supports.

 8. In the User Name box, enter the email address used to authenticate with the SMTP server.

 9. In the Authentication box, select Basic.

 10. In the Password box, enter the password associated with the email address you provided.

11. In the From box, enter the sender name that should appear in emails sent from Saner.

 12. In the Accounts to apply list, select the accounts you want to apply these mail settings to.

 13. Select Test Mail to send a test email.

If you don’t receive the test email, verify the information entered in steps 5 through 10.

If you receive the test email, proceed to the next step.

 14. Select Create.
Saner saves the mail settings and displays them on the Mail Settings page.

Important:
You can apply mail settings to an account and an organization in Saner.

Configure Mail Settings (OAuth)

User access level:
You must be logged in as an Admin/Organization Admin/Account Admin to configure OAuth mail settings.

1. Login to the Saner web console and access Control Panel.

The Control Panel page appears.

2. Click the drop-down menu next to the icon and select the organization you want to work with.

3. Click Mail. (  Deployment –>Settings–>Mail)

  The Mail Settings page appears on the right side.

4. Click New Mail Settings on the top right of the Mail Settings page.

The New Mail Settings window appears.

5. In the SMTP Host boxtype the host or IP of the SMTP Server. (e.g., smtp.example.com).

6. In the SMTP Port box, type the port of the SMTP Server.

7.  In the SSL Trust drop-down box, select the SSL Trust your email server supports.

 8. In the User Name box, type the email address you want to authenticate used to authenticate to the SMTP server you mentioned in Step 3.

 9.  In the Authentication option box, select the authentication as OAuth.

10. Enter the Client ID and Client Secret. Toggle the Configure OAuth button towards the right.

A pop-up message appears on the screen.

11.Click OK.

Your mail provider’s website appears.

If you are using Gmail, refer the article – How to create OAuth Client ID and Client Secret for Gmail Accounts.

If you are using Microsoft 365, refer the article – How to create OAuth Client ID and Client Secret for Microsoft 365.

Note
Saner supports Gmail and Office365 email addresses for OAuth authentication. Saner will enable the OAuth option if you enter a valid SMTP server address associated with Gmail or Office365.
Note
If you’re using an Office 365 email address for OAuth authentication, use the following settings. Make sure to whitelist the email address in the Office 365 admin portal to ensure seamless integration with OAuth:
SMTP host: smtp.office365.com
SMTP port: 587
SSL trust: STARTTLS

If you’re using a Gmail email address for OAuth authentication, use the following settings:
SMTP host: smtp.gmail.com
SMTP port: 587
SSL trust: STARTTLS

12. Follow the on-screen instructions to validate the email address, OAuth Client ID, and Client Secret. You will see a Success notification on the right side of the page.

13. In the Accounts to apply drop-down box, select the accounts you want to use the mail settings.

14. Click Test Mail to trigger a test mail.

If the OAuth settings are correct, you will see a notification message on the right side of the screen stating that a test mail has been sent successfully. If the settings are incorrect, you will see an error message on the right side of the screen.

15. Click Create to save the OAuth mail settings.

Saner creates the mail settings and displays it on the Mail Settings page.

Co-Branding

The co-branding feature in Saner lets you upload a custom logo to the web console. The logo appears on the console and in both canned and custom reports.

Upload a custom logo

User access level:
You must be signed in as an Admin or Organization Admin to upload a custom logo in Saner.

1. Sign in to the Saner web console, and then go to the Control Panel.
The Control Panel page appears.

2. Select the drop-down menu next to the organizationicon and then choose the organization you want to work with.

3. Select Deployment > Settings > Co-Branding.
The Co-Branding page appears on the right side.

4. Select Choose image.
The file browser opens.

5. Locate and select the PNG or JPEG file, and then select Crop & Upload image.
The logo is uploaded and appears in the web console and reports.

Important:
The image must be in PNG or JPEG format and no larger than 200 KB.

To learn more on how to manage devices in Saner, refer the Saner Device Management User Guide.