KACE Systems Management Appliance 9.1 Common Documents - Administrator Guide

About the KACE Systems Management Appliance (SMA) Getting started
Configuring the appliance
Requirements and specifications Power-on the appliance and log in to the Administrator Console Access the Command Line Console Tracking configuration changes Configuring System-level and Admin-level General Settings Configure appliance date and time settings Enable Two-Factor Authentication for all users Verifying port settings, NTP service, and website access Configuring network and security settings Configuring Agent settings Configuring session timeout and auto-refresh settings Configuring locale settings Configuring the default theme Configure data sharing preferences About DIACAP compliance requirements Configuring Mobile Device Access Enable fast switching for organizations and linked appliances Linking Quest KACE appliances Configuring history settings
Setting up and using labels to manage groups of items Configuring user accounts, LDAP authentication, and SSO Using Replication Shares Managing credentials Configuring assets
About the Asset Management component Using the Asset Management Dashboard About managing assets Adding and customizing Asset Types and maintaining asset information Managing Software assets Managing physical and logical assets Maintaining and using manual asset information Managing locations Managing contracts Managing licenses Managing purchase records
Setting up License Compliance Managing License Compliance Setting up Service Desk Configure the Cache Lifetime for Service Desk widgets Creating and managing organizations Importing and exporting appliance resources
Managing inventory
Using the Inventory Dashboard Using Device Discovery Managing device inventory
About managing devices Features available for each device management method About inventory information Tracking changes to inventory settings Managing inventory information Finding and managing devices Provisioning the KACE SMA Agent Manually deploying the KACE SMA Agent Using Agentless management Adding devices manually in the Administrator Console or by using the API Forcing inventory updates Managing MIA devices Obtaining Dell warranty information
Managing applications on the Software page Managing Software Catalog inventory
About the Software Catalog Viewing Software Catalog information Adding applications to the Software Catalog Managing License assets for Software Catalog applications Associate Managed Installations with Cataloged Software Using software metering Using Application Control Update or reinstall the Software Catalog
Managing process, startup program, and service inventory Writing custom inventory rules
Deploying packages to managed devices
Distributing software and using Wake-on-LAN Broadcasting alerts to managed devices Running scripts on managed devices Managing Mac profiles Using Task Chains
Patching devices and maintaining security
About patch management Subscribing to and downloading patches Creating and managing patch schedules Managing patch inventory Managing Dell devices and updates Maintaining device and appliance security
Using reports and scheduling notifications Monitoring servers
Getting started with server monitoring Working with monitoring profiles Managing monitoring for devices Working with alerts
Using the Service Desk
Configuring Service Desk Using the Service Desk Dashboard Managing Service Desk tickets, processes, and reports
Overview of Service Desk ticket lifecycle Creating tickets from the Administrator Console and User Console Creating and managing tickets by email Viewing tickets and managing comments, work, and attachments Merging tickets Using the ticket escalation process Using Service Desk processes Using Ticket Rules Run Service Desk reports Archiving, restoring, and deleting tickets Managing ticket deletion
Managing Service Desk ticket queues About User Downloads and Knowledge Base articles Customizing Service Desk ticket settings Configuring SMTP email servers
Maintenance and troubleshooting
Maintaining the appliance Troubleshooting the KACE SMA
Appendixes Glossary About us Legal notices

Editing SCAP scan schedules

Editing SCAP scan schedules

You can view or edit a benchmark schedule on the Script Detail page. This page allows you to manage and customize scripts for configuring, scheduling, and specifying which devices the SCAP scan runs on. The scripts for SCAP are standard KScripts.

NOTE: This section does not provide information about every feature available on the Script Detail page; it only contains information pertinent to using and understanding a SCAP scan.

You can access the Script Detail page from the Benchmark wizard, as described in Access SCAP Scan information and from the SCAP Scan Schedules page, as described in View SCAP scan results.

View the resolved XCCDF files

You can view the input files generated by the SCAP scan resolution process.

A benchmark is loaded into the server and the XCCDF file undergoes a process called resolution, which generates the input files necessary to run a particular profile.

1.
Go to the Script Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
2.
(Optional) To add any supporting executable files necessary to run the script, scroll down to the Dependencies section, then click Add a new dependency, then click Browse or Choose File.
3.
Optional: To view the details of these files, click and download the selected ZIP file.
View the OVAL timestamp

You can view the OVAL timestamp (the time the OVAL document was compiled).

1.
Go to the Script Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
2.
Scroll down to the Dependencies section, then click benchmark.zip and extract the OVAL XML file.
For example, fdcc-winxp-oval.xml.
3.
In the OVAL file, look for <oval:timestamp>.
View script tasks

You can view tasks associated with a particular script.

1.
Go to the Script Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
2.
Scroll down to the Task sections.

The Task sections are displayed on the Script Detail page.

View SCAP scan results

The Scan Results page shows the results of SCAP scans per device. From this page you can access detailed information about each scan.

1.
Go to SCAP Scan page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click SCAP Scan.
c.
On the SCAP Scan panel, click Reporting.
2.
Optional: To display the results for a specific benchmark, select the desired benchmark in the View By drop-down list, which appears above the table on the right.

Section

Description

Device Name

The device on which the scan was run.

Benchmark - Profile

The particular profile in a benchmark that was used.

Scanned

The date and time that the scan was run.

Passed

The number of rules that the device passed.

Failed

The number of rules that the device failed.

Other

The number of rules having other values such as error, unknown, not checked, not applicable, and informational.

The XCCDF specification also defines “not selected”, which is excluded from the results.

Total

The total number of rules that were executed.

Compliance

The percentage of rules that were passed.

Score

The default score defined by the benchmark.

Result

The Pass or Fail results of the scan.

A page containing the details of the scan result for the selected device appears. The following table describes each section in more detail:

Section

Description

Summary

General information about the benchmark.

Test Results

Test results in a tree structure that represents the grouping of the rules. Symbols display the pass-fail status of a rule. You can click a rule to open a dialog box containing the rule’s details.

Scores

Compliance scores for each scoring model as defined for the benchmark.

Results by CCE

Pass-fail results by CCE. The FDCC requires that compliance is reported by CCE.

Result XML files

Links to the XML files:

XCCDF Benchmark: The file processed by the XCCDF file and formatted into a single results file (xccdf-results.xml) from each run of the OVAL scanning engine.
CPE Inventory: The file output by the first run of the OVAL scanning engine to test whether the benchmark applies to the device being scanned.
Oval Compliance: The file output by the second run of the OVAL scanning engine to test the device against the rules defined in the benchmark.
OVAL Patches: The file output by the third run of the OVAL scanning engine to ensure that the security patches are up-to-date.

See How a SCAP scan works.

The Viewing Details for that rule appears. This page shows a description of the rule from the XCCDF definition, whether the device passed or failed the rule, and the XML for the rule.
Download benchmarks from the archive

On a daily basis, the KACE SMA gathers the SCAP scan results from devices and creates an archive for each benchmark. The benchmark archive consists of a ZIP file that can be sent to the appropriate agency, such as the US OMB (United States Office of Management and Budget).

1.
Go to SCAP Catalog list:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click SCAP Scan.
c.
On the SCAP Scan panel, click Catalog.
3.
In the Download Results Archive field, click the ZIP file to download the archive.

View the resolved XCCDF files

Editing SCAP scan schedules

You can view or edit a benchmark schedule on the Script Detail page. This page allows you to manage and customize scripts for configuring, scheduling, and specifying which devices the SCAP scan runs on. The scripts for SCAP are standard KScripts.

NOTE: This section does not provide information about every feature available on the Script Detail page; it only contains information pertinent to using and understanding a SCAP scan.

You can access the Script Detail page from the Benchmark wizard, as described in Access SCAP Scan information and from the SCAP Scan Schedules page, as described in View SCAP scan results.

View the resolved XCCDF files

You can view the input files generated by the SCAP scan resolution process.

A benchmark is loaded into the server and the XCCDF file undergoes a process called resolution, which generates the input files necessary to run a particular profile.

1.
Go to the Script Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
2.
(Optional) To add any supporting executable files necessary to run the script, scroll down to the Dependencies section, then click Add a new dependency, then click Browse or Choose File.
3.
Optional: To view the details of these files, click and download the selected ZIP file.
View the OVAL timestamp

You can view the OVAL timestamp (the time the OVAL document was compiled).

1.
Go to the Script Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
2.
Scroll down to the Dependencies section, then click benchmark.zip and extract the OVAL XML file.
For example, fdcc-winxp-oval.xml.
3.
In the OVAL file, look for <oval:timestamp>.
View script tasks

You can view tasks associated with a particular script.

1.
Go to the Script Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
2.
Scroll down to the Task sections.

The Task sections are displayed on the Script Detail page.

View SCAP scan results

The Scan Results page shows the results of SCAP scans per device. From this page you can access detailed information about each scan.

1.
Go to SCAP Scan page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click SCAP Scan.
c.
On the SCAP Scan panel, click Reporting.
2.
Optional: To display the results for a specific benchmark, select the desired benchmark in the View By drop-down list, which appears above the table on the right.

Section

Description

Device Name

The device on which the scan was run.

Benchmark - Profile

The particular profile in a benchmark that was used.

Scanned

The date and time that the scan was run.

Passed

The number of rules that the device passed.

Failed

The number of rules that the device failed.

Other

The number of rules having other values such as error, unknown, not checked, not applicable, and informational.

The XCCDF specification also defines “not selected”, which is excluded from the results.

Total

The total number of rules that were executed.

Compliance

The percentage of rules that were passed.

Score

The default score defined by the benchmark.

Result

The Pass or Fail results of the scan.

A page containing the details of the scan result for the selected device appears. The following table describes each section in more detail:

Section

Description

Summary

General information about the benchmark.

Test Results

Test results in a tree structure that represents the grouping of the rules. Symbols display the pass-fail status of a rule. You can click a rule to open a dialog box containing the rule’s details.

Scores

Compliance scores for each scoring model as defined for the benchmark.

Results by CCE

Pass-fail results by CCE. The FDCC requires that compliance is reported by CCE.

Result XML files

Links to the XML files:

XCCDF Benchmark: The file processed by the XCCDF file and formatted into a single results file (xccdf-results.xml) from each run of the OVAL scanning engine.
CPE Inventory: The file output by the first run of the OVAL scanning engine to test whether the benchmark applies to the device being scanned.
Oval Compliance: The file output by the second run of the OVAL scanning engine to test the device against the rules defined in the benchmark.
OVAL Patches: The file output by the third run of the OVAL scanning engine to ensure that the security patches are up-to-date.

See How a SCAP scan works.

The Viewing Details for that rule appears. This page shows a description of the rule from the XCCDF definition, whether the device passed or failed the rule, and the XML for the rule.
Download benchmarks from the archive

On a daily basis, the KACE SMA gathers the SCAP scan results from devices and creates an archive for each benchmark. The benchmark archive consists of a ZIP file that can be sent to the appropriate agency, such as the US OMB (United States Office of Management and Budget).

1.
Go to SCAP Catalog list:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click SCAP Scan.
c.
On the SCAP Scan panel, click Catalog.
3.
In the Download Results Archive field, click the ZIP file to download the archive.

View the OVAL timestamp

Editing SCAP scan schedules

You can view or edit a benchmark schedule on the Script Detail page. This page allows you to manage and customize scripts for configuring, scheduling, and specifying which devices the SCAP scan runs on. The scripts for SCAP are standard KScripts.

NOTE: This section does not provide information about every feature available on the Script Detail page; it only contains information pertinent to using and understanding a SCAP scan.

You can access the Script Detail page from the Benchmark wizard, as described in Access SCAP Scan information and from the SCAP Scan Schedules page, as described in View SCAP scan results.

View the resolved XCCDF files

You can view the input files generated by the SCAP scan resolution process.

A benchmark is loaded into the server and the XCCDF file undergoes a process called resolution, which generates the input files necessary to run a particular profile.

1.
Go to the Script Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
2.
(Optional) To add any supporting executable files necessary to run the script, scroll down to the Dependencies section, then click Add a new dependency, then click Browse or Choose File.
3.
Optional: To view the details of these files, click and download the selected ZIP file.
View the OVAL timestamp

You can view the OVAL timestamp (the time the OVAL document was compiled).

1.
Go to the Script Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
2.
Scroll down to the Dependencies section, then click benchmark.zip and extract the OVAL XML file.
For example, fdcc-winxp-oval.xml.
3.
In the OVAL file, look for <oval:timestamp>.
View script tasks

You can view tasks associated with a particular script.

1.
Go to the Script Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
2.
Scroll down to the Task sections.

The Task sections are displayed on the Script Detail page.

View SCAP scan results

The Scan Results page shows the results of SCAP scans per device. From this page you can access detailed information about each scan.

1.
Go to SCAP Scan page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click SCAP Scan.
c.
On the SCAP Scan panel, click Reporting.
2.
Optional: To display the results for a specific benchmark, select the desired benchmark in the View By drop-down list, which appears above the table on the right.

Section

Description

Device Name

The device on which the scan was run.

Benchmark - Profile

The particular profile in a benchmark that was used.

Scanned

The date and time that the scan was run.

Passed

The number of rules that the device passed.

Failed

The number of rules that the device failed.

Other

The number of rules having other values such as error, unknown, not checked, not applicable, and informational.

The XCCDF specification also defines “not selected”, which is excluded from the results.

Total

The total number of rules that were executed.

Compliance

The percentage of rules that were passed.

Score

The default score defined by the benchmark.

Result

The Pass or Fail results of the scan.

A page containing the details of the scan result for the selected device appears. The following table describes each section in more detail:

Section

Description

Summary

General information about the benchmark.

Test Results

Test results in a tree structure that represents the grouping of the rules. Symbols display the pass-fail status of a rule. You can click a rule to open a dialog box containing the rule’s details.

Scores

Compliance scores for each scoring model as defined for the benchmark.

Results by CCE

Pass-fail results by CCE. The FDCC requires that compliance is reported by CCE.

Result XML files

Links to the XML files:

XCCDF Benchmark: The file processed by the XCCDF file and formatted into a single results file (xccdf-results.xml) from each run of the OVAL scanning engine.
CPE Inventory: The file output by the first run of the OVAL scanning engine to test whether the benchmark applies to the device being scanned.
Oval Compliance: The file output by the second run of the OVAL scanning engine to test the device against the rules defined in the benchmark.
OVAL Patches: The file output by the third run of the OVAL scanning engine to ensure that the security patches are up-to-date.

See How a SCAP scan works.

The Viewing Details for that rule appears. This page shows a description of the rule from the XCCDF definition, whether the device passed or failed the rule, and the XML for the rule.
Download benchmarks from the archive

On a daily basis, the KACE SMA gathers the SCAP scan results from devices and creates an archive for each benchmark. The benchmark archive consists of a ZIP file that can be sent to the appropriate agency, such as the US OMB (United States Office of Management and Budget).

1.
Go to SCAP Catalog list:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click SCAP Scan.
c.
On the SCAP Scan panel, click Catalog.
3.
In the Download Results Archive field, click the ZIP file to download the archive.

View script tasks

Editing SCAP scan schedules

You can view or edit a benchmark schedule on the Script Detail page. This page allows you to manage and customize scripts for configuring, scheduling, and specifying which devices the SCAP scan runs on. The scripts for SCAP are standard KScripts.

NOTE: This section does not provide information about every feature available on the Script Detail page; it only contains information pertinent to using and understanding a SCAP scan.

You can access the Script Detail page from the Benchmark wizard, as described in Access SCAP Scan information and from the SCAP Scan Schedules page, as described in View SCAP scan results.

View the resolved XCCDF files

You can view the input files generated by the SCAP scan resolution process.

A benchmark is loaded into the server and the XCCDF file undergoes a process called resolution, which generates the input files necessary to run a particular profile.

1.
Go to the Script Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
2.
(Optional) To add any supporting executable files necessary to run the script, scroll down to the Dependencies section, then click Add a new dependency, then click Browse or Choose File.
3.
Optional: To view the details of these files, click and download the selected ZIP file.
View the OVAL timestamp

You can view the OVAL timestamp (the time the OVAL document was compiled).

1.
Go to the Script Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
2.
Scroll down to the Dependencies section, then click benchmark.zip and extract the OVAL XML file.
For example, fdcc-winxp-oval.xml.
3.
In the OVAL file, look for <oval:timestamp>.
View script tasks

You can view tasks associated with a particular script.

1.
Go to the Script Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
2.
Scroll down to the Task sections.

The Task sections are displayed on the Script Detail page.

View SCAP scan results

The Scan Results page shows the results of SCAP scans per device. From this page you can access detailed information about each scan.

1.
Go to SCAP Scan page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click SCAP Scan.
c.
On the SCAP Scan panel, click Reporting.
2.
Optional: To display the results for a specific benchmark, select the desired benchmark in the View By drop-down list, which appears above the table on the right.

Section

Description

Device Name

The device on which the scan was run.

Benchmark - Profile

The particular profile in a benchmark that was used.

Scanned

The date and time that the scan was run.

Passed

The number of rules that the device passed.

Failed

The number of rules that the device failed.

Other

The number of rules having other values such as error, unknown, not checked, not applicable, and informational.

The XCCDF specification also defines “not selected”, which is excluded from the results.

Total

The total number of rules that were executed.

Compliance

The percentage of rules that were passed.

Score

The default score defined by the benchmark.

Result

The Pass or Fail results of the scan.

A page containing the details of the scan result for the selected device appears. The following table describes each section in more detail:

Section

Description

Summary

General information about the benchmark.

Test Results

Test results in a tree structure that represents the grouping of the rules. Symbols display the pass-fail status of a rule. You can click a rule to open a dialog box containing the rule’s details.

Scores

Compliance scores for each scoring model as defined for the benchmark.

Results by CCE

Pass-fail results by CCE. The FDCC requires that compliance is reported by CCE.

Result XML files

Links to the XML files:

XCCDF Benchmark: The file processed by the XCCDF file and formatted into a single results file (xccdf-results.xml) from each run of the OVAL scanning engine.
CPE Inventory: The file output by the first run of the OVAL scanning engine to test whether the benchmark applies to the device being scanned.
Oval Compliance: The file output by the second run of the OVAL scanning engine to test the device against the rules defined in the benchmark.
OVAL Patches: The file output by the third run of the OVAL scanning engine to ensure that the security patches are up-to-date.

See How a SCAP scan works.

The Viewing Details for that rule appears. This page shows a description of the rule from the XCCDF definition, whether the device passed or failed the rule, and the XML for the rule.
Download benchmarks from the archive

On a daily basis, the KACE SMA gathers the SCAP scan results from devices and creates an archive for each benchmark. The benchmark archive consists of a ZIP file that can be sent to the appropriate agency, such as the US OMB (United States Office of Management and Budget).

1.
Go to SCAP Catalog list:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click SCAP Scan.
c.
On the SCAP Scan panel, click Catalog.
3.
In the Download Results Archive field, click the ZIP file to download the archive.
Documents connexes