Set Up Neo4j Authentication

Each Neo4j record identifies account login credentials, database information, and target hosts (IPs).

Which technologies are supported?

For the most current list of supported authentication technologies and the versions that have been certified for VM and PC by record type, please refer to the following article: 

Authentication Technologies Matrix

 

Help me with the record settings

How do I get started?How do I get started?

- Go to Scans > Authentication.

- Check that you already have a record defined for each host running database instances.

- Create a Neo4j record for the database instance. Go to New > Databases > Neo4j.

What do I enter in the User Name field?What do I enter in the User Name field?

Enter the user name to be used for authentication to Neo4j database.

Tell me about the Ports settingTell me about the Ports setting

Port <number>
Enter the port number you want to scan. We'll use the credentials in this record to attempt authentication to the SID on the port you enter here.

If port number is not provided, by default 7687 is used as the port value.

 

Tell me about SSL verificationTell me about SSL verification

Select to perform a complete SSL certificate validation. This option is only valid for servers that support SSL.

- If unchecked (the default), Qualys scanners authenticate with In Servers that don’t use SSL or Neo4j servers that use SSL. However, in the SSL case, the server SSL certificate verification will be skipped.

- If checked, Qualys scanners will only send a login request after verifying that a connection to the Neo4j server uses SSL, the server SSL certificate is valid and matches the scanned host. 

Want to access the account password from your password vault?Want to access the account password from your password vault?

We support integration with multiple third party password vaults. Just go to Scans > Authentication > Vaults and tell us about your vault system. Then choose Authentication Vault in your record and select your vault name. At scan time, we'll authenticate to hosts using the account name in your record and the password we find in your vault.

Tell me about Unix ParametersTell me about Unix Parameters

Enter the Base path and Configuration file path of Neo4j on your Unix hosts. The configuration file must be in the same location for all hosts (IPs) in this record. If different, create another record.

Which IPs should I add to my record?Which IPs should I add to my record?

Select the IP addresses for the Neo4j databases that the scanning engine should log into using the specified credentials.

Quick Links

Why use host authentication

Vault Support Matrix

Neo4j Auth PDF Icon