Set Up Neo4j Authentication

Each Neo4j record identifies account login credentials, database information, and target hosts (IPs).

Currently only Neo4j 3.x version is supported.

 

- Go to Scans > Authentication.

- Check that you already have a record defined for each host running database instances.

- Create a Neo4j record for the database instance. Go to New > Databases > Neo4j.

Enter the user name to be used for authentication to Neo4j database.

Port <number>
Enter the port number you want to scan. We'll use the credentials in this record to attempt authentication to the SID on the port you enter here.

If port number is not provided, by default 7687 is used as the port value.

 

Select to perform a complete SSL certificate validation. This option is only valid for servers that support SSL.

- If unchecked (the default), Qualys scanners authenticate with In Servers that don’t use SSL or Neo4j servers that use SSL. However, in the SSL case, the server SSL certificate verification will be skipped.

- If checked, Qualys scanners will only send a login request after verifying that a connection to the Neo4j server uses SSL, the server SSL certificate is valid and matches the scanned host. 

We support integration with multiple third party password vaults. Just go to Scans > Authentication > Vaults and tell us about your vault system. Then choose Authentication Vault in your record and select your vault name. At scan time, we'll authenticate to hosts using the account name in your record and the password we find in your vault.

Enter the Base path and Configuration file path of Neo4j on your Unix hosts. The configuration file must be in the same location for all hosts (IPs) in this record. If different, create another record.

Select the IP addresses for the Neo4j databases that the scanning engine should log into using the specified credentials.

Quick Links

Why use host authentication

Vault Support Matrix

Neo4j Auth PDF Icon