By clicking on the asset group name, you can get into the details of this particular groups. The following information is displayed :
This tab lists the devices that have been grouped and gives information about the group like Last Scanned time, credentials for the group, what vulnerability group was applied to this asset group for scanning, when was the asset group created etc.
The Asset List displays the hosts in the group along with the following info :
The Security tab for an asset group displays the security snapshot of the group. The following info is displayed :
A pie-chart depicting the vulnerability risk percentage for the asset group is displayed.
The list of vulnerabilities that have been detected on the assets in this group based on a vulnerability scan is seen. The number of affected hosts for each of these vulnerabilities is listed. Clicking on the affected host count or vulnerability name will lead you to the Vulnerability details view which describes the vulnerability & provides appropriate links to external websites like CVE, Bugtraq etc. It will also list the host names which this vulnerability affects.
Missing patches list
This list presents the missing patch information for the asset group. The number of hosts for each of these missing patches is listed. Clicking on the affected host count or patch name will lead you to the Patch details view which describes the patch & provides appropriate links to Microsoft's or Red Hat's websites. This patch can be deployed from here on the list of affected hosts.
From an Asset group, you can remediate the hosts by applying missing Windows patches & service packs. From the Assets tab --> Asset Groups tab --> Asset group name link --> click on the 'Remediate' button to either Deploy Missing Patches or Service Packs.
Clicking on 'Deploy Patches' option from the 'Remediate' menu, lists all the missing patches applicable for this Asset Group. From here you can select whichever patches you wish to deploy on the group. Choose the patches of interest and click on the 'Deploy Patch' button. Doing so will display a screen wherein you will be able to see a list of hosts belonging to the Asset group, in which the selected patches are missing. From this view, click the 'Deploy' button to perform patch deployment on the hosts.
Patch Deployment History
If any patch is deployed on a host, a history will be maintained about when it was deployed and to which all systems and what was the status of deployment. You can view this by clicking the patch history icon against each patch in the list.
Deploying Service Packs
Clicking on 'Deploy Service Packs' option from the 'Remediate' menu, lists all the SPs applicable for this Asset Group. From here you can select whichever service pack you wish to deploy on the group. Choose the SP of interest and click on the 'Deploy' button. Doing so will display a screen wherein you will be able to see a list of hosts belonging to the Asset group, in which the selected SP is missing. From this view, click the 'Deploy Service Pack' button to perform service pack deployment on the hosts.
Note that you can deploy only one service pack at a time on a host, so you can select only a single SP from this view.
Download Service Packs
You can also download service packs from this view. Select the SP and click on the 'Download' button. You can initiate an instant download or schedule the SP download for a later time. From this screen, there is also a provision to use an already downloaded SP.
Service Pack Deployment History
If any SP is deployed on a host, a history will be maintained about when it was deployed and to which all systems and what was the status of deployment. You can view this by clicking the service pack history icon against each SP in the list.
Deploying Linux Packages
If there are Linux systems in the Asset group, you can deploy missing Linux packages on these assets by clicking on the 'Deploy Linux Packages' option from the 'Remediate' menu. You can select the packages that you wish to deploy and click on the Deploy button.
Refer to Linux Package Management Scripts section for more information.
Reports can be generated for every Asset group created. For this visit the Assets tab --> Asset Groups tab --> Asset group name link --> click on the 'Reports' button. This will drop down to all the reports that are present in Security Manager (predefined as well as custom reports). Choose whichever report you want for the group and click on the appropriate name.
The following are the actions that can be performed from Asset groups. These can be accessed from the 'Actions' button in an Asset group view.
This is an option to configure the e-mail ID to which a notification will be sent when a scan for the asset group is completed. You can specify the e-mail ID in the text field provided. Selected reports from Security Manager Plus can also be attached along with the scan complete notification. You can choose the report type from the drop-down menu and click 'Save'.
You can initiate an on-demand vulnerability scan on an Asset group from the Asset groups view or you can schedule a scan from this menu option, so that it runs at a specified time and periodicity.
You can start an on-demand scan by choosing this option.
You can edit an existing Asset group from here. You can alter the group name, description, add more hosts to this group or remove hosts from this group.
When the Trouble Ticket E-mail Settings are configured from the Admin tab, then you can use this option to select a criterion, which when exceeds by a configured count, e-mail will be generated to the trouble ticket system. For e.g. Total Vulnerability count : Greater than : 10. You can also remove the ticket settings from the same screen if configured already.
Patch Deployment / SP Deployment History
These are 2 views which display a list of all the patch and service pack deployment tasks that have been configured and executed for the selected asset group with the status of each task.
Linux Deployment History
This view displays a list of all the package deployment tasks associated with Linux systems in the selected Asset group.
You can associate Change Management profiles to this asset group so that files, folders and/or registry entries are tracked for changes. Each profile will have a set of files, folders and registry entries that are configured for change management & change tracking.
If you do a reboot now of the Asset Group, reboot will be initiated for all the Windows systems present in the Asset Group. If SMP Agent is running in the systems in that Asset Group, you can check whether the reboot is completed or not in the Assets page table view. You can choose 'Reboot Status' from the column chooser of the Assets table view to see the status