Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Security Guardian Current - User Guide

Introducing Quest Security Guardian Using the Dashboard Tier Zero Objects Assessments Findings Security Settings Appendix - Security Guardian Indicator Details

First Assessment Notification Email

If email is configured for Security Guardian, after the first Assessment is completed for the organization, a notification email is sent which includes the total number of the following:

  • Findings without vulnerable objects

  • Findings with vulnerable objects

  • Findings with inconclusive results

  • Findings that returned an error

NOTE: This notification applies only for the first Assessment that is completed for an organization. If email is configured after the first Assessment has run, a notification will not be sent. Subsequent emails will be sent advising that the Assessment has been completed and vulnerable objects have grown in scope.

 

Built-in Assessments

Security Guardian includes a built-in Assessment, Active Directory Security Assessment. It contains all pre-defined Discoveries provided by Quest and is run on all domains configured in On Demand for your organization.

NOTE: If no domains are configured for Active Directory data collection, the status message Configuration Required will display in the All Assessments list.

Pre-defined Discoveries are added automatically to this Assessment as they are released by Quest.

NOTE: A built-in Assessment cannot be edited or deleted.

All Assessments List

 

The All Assessments tab displays a list of all Assessments (both built-in and user-created) for the organization along with the following information for each:

  • the Assessment name (with a link to Assessment Details)

  • the Active Directory domain containing the assessed objects (with the option to Link to Results)

  • Created By either:

  • the Status of the Assessment:

    Configuration Required

    NOTE: This status is used to indicate the absence of an Active Directory domain in On Demand for the organization. This may be because:

    • A domain has not yet been added to On Demand, which will prevent the built-in Assessment from running.

    • The domain selected for the Assessment has since been removed from On Demand.

    • When the Assessment was created, all available domains were excluded.

     

    Agent Required (See Configuring Additional Components -Hybrid Agent)
    No Data Collected
    No Vulnerabilities Found
    n Vulnerabilities Found

  • the date and time when data was Last Collected

    NOTE: This field displays the signed-in user's local date and time.

Discoveries and Vulnerabilities

Discoveries are evaluated by Assessments to identify vulnerabilities in your organization's Active Directory. Security Guardian comes with several pre-defined Discoveries and you can also create your own Discoveries.

 

Additional permission required for specific vulnerabilities

In addition to the permissions required for the hybrid agent, the service account (which the Collect Active Directory object data action uses) must be a member of the Domain Admins group for the following pre-defined vulnerabilities and any vulnerabilities created using the same template.

For the vulnerability Non-privileged accounts can access the gMSA root key, the account must be a member of the Domain Admins or Enterprise Admins group.

If the required permission is not granted, Assessment results for these vulnerabilities will return as Inconclusive.

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation