Setting Vulnerability Management Credentials and Locations - PAS Integrity Software Suite - 7.3 - Help - Intergraph

Integrity Help

PAS Integrity Software Suite
Search by Category
PAS Version

The FTPLoadConfigTool.exe configuration utility allows you to define two transfer transactions for Vulnerability Management information and two transfer transactions for Patch Management information. Transfer 1 identifies the credentials and location for downloading the latest asset model from the PAS by Hexagon SFTP site. Transfer 2 identifies the credentials, if needed, and the location for moving the asset model to the Cyber Integrity server. These two transfer transactions allow you to download the latest Vulnerability Management asset model to one computer, and then transfer the file to the Integrity server, which may not be able to access the PAS by Hexagon SFTP site due to your network configuration.

  • To use the configuration and download utilities, you need to copy the following files from the InstallPath\DataCollector\Utilities folder to a folder on the computer where you will download the latest vulnerability management asset model file:

    • FTPLoadConfigTool.exe

    • FTPDownload.exe

    • FtpAssetModelManagement.dll

    • FtpAssetModelManagement.xml

    • WinSCP.exe

    • WinSCPnet.dll

  • If needed, you can use the configuration and download utilities to download the vulnerability management asset model file and then transfer it to an internal location, where you can then use these utilities on another computer to get the downloaded files from that internal location and transfer them to the Cyber Integrity server. However, more transfers in the chain can lead to issues if connectivity or availability is interrupted.

  • When you download the latest Vulnerability Management asset model from the PAS by Hexagon SFTP site, use the PAS by Hexagon SFTP credentials for vulnerability management. For more information about these credentials (user name and password), contact Technical Support.

  • When the utility downloads the Vulnerability Management asset model IAM file, it also creates and transfers a newFiles.txt file. When the RunDefinition.exe utility runs, it checks the specified asset model folder for the newFiles.txt file, and if it exists, it imports the latest asset models in that folder.

To configure your vulnerability management download settings:

  1. Run the FTPLoadConfigTool.exe configuration utility on the computer where you will download the latest vulnerability management asset model file from the PAS by Hexagon SFTP site. You copied this utility and its supporting files from the Cyber Integrity server.


  2. In the Configuration Name field, specify a name for this configuration, such as Vulnerability Management. You will use this name when you schedule the download and transfer utility.

  3. In the 1st Transfer fields, specify the connection credentials and the source location from where you want the latest PAS Vulnerability Management.iam file downloaded.

    The Source field allows you to specify SFTP using the following format:


    where servername specifies the SFTP server, such as, and :port specifies the port number, such as :22. If you want to use the default port, which is 22 for SFTP or 21 for FTP, you can leave out the colon and the port number.

    To download this file from PAS by Hexagon, set the Source field to s In addition, use the PAS by Hexagon SFTP credentials for vulnerability management. For more information about these credentials, contact Technical Support.

  4. If your environment requires using a proxy configuration, select Use Proxy and then specify the proxy host, port, and credentials to use.

  5. If you need to transfer the downloaded file to a remote Cyber Integrity server or other location, in the 2nd Transfer fields, specify the transfer type, connection credentials if needed, and the location where you want the latest PAS Vulnerability Management.iam file transferred. The Destination field supports the same SFTP format as the Source field, including the ability to use a proxy configuration if needed.

    Each asset model must be in its own folder. Use a separate folder for the patch management asset model, such as InstallPath\DataCollector\Asset Models\PAS PM.

  6. Click Save.

    The configuration utility attempts to retrieve the SSH host key fingerprint for each SFTP server and port specified. The utility also attempts to connect to each FTP server.

  7. If the retrieved fingerprint for a specified SFTP server and port has not been previously approved, the configuration utility displays the fingerprint value. Review the value, and then click Yes to approve the fingerprint.

    The FTPDownload.exe utility uses the fingerprint when connecting to the specified SFTP server. If the fingerprint is not approved, the connection cannot be established and the files cannot be transferred.

  8. If the configuration utility cannot contact a specified SFTP or FTP server, the utility displays a confirmation message to indicate the server was not available. Review the message, and then click OK.