Chat now with support
Chat with Support

KACE Systems Management Appliance 13.2 Common Documents - KACE Service Desk Administrator Guide

About the KACE Service Desk Getting started
Configuring the appliance
Requirements and specifications Power-on the appliance and log in to the Administrator Console Access the Command Line Console Tracking configuration changes Configuring System-level and Admin-level General Settings Configure appliance date and time settings Managing user notifications Enable Two-Factor Authentication for all users Verifying port settings, NTP service, and website access Configuring network and security settings Configuring Agent settings Configuring session timeout and auto-refresh settings Configuring locale settings Configuring the default theme Configure data sharing preferences About DIACAP compliance requirements Configuring Mobile Device Access Enable fast switching for organizations and linked appliances Linking Quest KACE appliances Configuring history settings
Setting up and using labels to manage groups of items Configuring user accounts, LDAP authentication, and SSO Deploying the KACE Agent to managed devices Using Replication Shares Managing credentials Configuring assets
About the Asset Management component Using the Asset Management Dashboard About managing assets Adding and customizing Asset Types and maintaining asset information Managing Software assets Managing physical and logical assets Maintaining and using manual asset information Managing locations Managing contracts Managing licenses Managing purchase records
Setting up License Compliance Managing License Compliance Setting up Service Desk Configure the Cache Lifetime for Service Desk widgets Creating and managing organizations Importing and exporting appliance resources
Managing inventory
Using the Inventory Dashboard Using Device Discovery Managing device inventory
About managing devices Features available for each device management method About inventory information Tracking changes to inventory settings Managing inventory information Finding and managing devices Registering KACE Agent with the appliance Provisioning the KACE Agent Manually deploying the KACE Agent Using Agentless management Adding devices manually in the Administrator Console or by using the API Forcing inventory updates Managing MIA devices Obtaining Dell warranty information
Managing applications on the Software page Managing Software Catalog inventory
About the Software Catalog Viewing Software Catalog information Adding applications to the Software Catalog Managing License assets for Software Catalog applications Associate Managed Installations with Cataloged Software Using software metering Using Application Control Update or reinstall the Software Catalog
Managing process, startup program, and service inventory Writing custom inventory rules
Deploying packages to managed devices
Distributing software and using Wake-on-LAN Broadcasting alerts to managed devices Running scripts on managed devices Managing Mac profiles Using Task Chains
Patching devices and maintaining security
Using the Security Dashboard About patch management Subscribing to and downloading patches Creating and managing patch schedules Managing patch inventory Managing Windows Feature Updates Managing Dell devices and updates Managing Linux package upgrades Maintaining device and appliance security Manage quarantined file attachments
Using reports and scheduling notifications Monitoring servers
Getting started with server monitoring Working with monitoring profiles Managing monitoring for devices Working with alerts
Using the Service Desk
Configuring Service Desk Using the Service Desk Dashboard Managing Service Desk tickets, processes, and reports
Overview of Service Desk ticket lifecycle Creating tickets from the Administrator Console and User Console Creating and managing tickets by email Viewing tickets and managing comments, work, and attachments Merging tickets Using the ticket escalation process Using Service Desk processes Using Ticket Rules Run Service Desk reports Archiving, restoring, and deleting tickets Managing ticket deletion
Managing Service Desk ticket queues About User Downloads and Knowledge Base articles Customizing Service Desk ticket settings Configuring SMTP email servers
Maintenance and troubleshooting
Maintaining the appliance Troubleshooting the appliance
Appendixes Glossary About us Legal notices

About SCAP

About SCAP

SCAP (Secure Content Automation Protocol), is a set of open standards that enumerate software flaws, monitor security-related configurations and product names, and examine systems to determine the presence of vulnerabilities and rank (score) the impact of the discovered security issues on Windows devices.

SCAP is maintained by the National Institute of Standards and Technology (NIST), and its use is mandated by government agencies such as the US OMB (United States Office of Management and Budget).

SCAP uses the US government’s National Vulnerability Database (NVD), which is a standards-based vulnerability management data repository. NVD includes databases of security checklists, security-related software flaws, misconfigurations, product names, and impact metrics. For more information on SCAP and NVD, go to the NIST websites at http://scap.nist.gov/index.html and http://nvd.nist.gov/.

SCAP supported versions and platforms

The appliance supports SCAP 1.0, 1.1, 1.2, and 1.3. SCAP is certified to run on Windows 7 and higher platforms (32-bit and 64-bit systems).

The appliance conducts SCAP scans using the KACE Agent software that is installed on managed devices. SCAP is not available for devices that do not have the KACE Agent software installed, such as Agentless devices.

How the appliance conducts SCAP scans

The appliance conducts SCAP scans by running scripts on selected Agent-managed devices using security configuration checklists from the National Checklist Repository.

For SCAP versions 1.0 and 1.1, the script checks the SCAP data stream written in XML formats using the following SCAP standards: CCE, CPE, CVE, CVSS, OVAL, and XCCDF. See Definitions of SCAP standards.

SCAP 1.2 and 1.3 add the concept of the Data Stream, where all of the individual results files are combined into a single XML file. In addition, these versions add a new output format called ARF (Asset Report Format 1.1). For more information, go to http://scap.nist.gov/specifications/arf/.

The appliance uses the Agent software to perform SCAP scan compliance checks. The results files are uploaded to the appliance or organization database and collated into a single file for reporting to a government agency (if required). Results are also displayed for each device on the appliance’s SCAP Scan Results page.

If the Organization component is enabled on your appliance, you view SCAP scan results for each organization separately.

SCAP uses the OVAL Interpreter version 5.10.1 and provides:

These features improve software security, threat assessment, and vulnerability correction.

Definitions of SCAP standards

SCAP scans monitor device security using specified protocols and standards.

Standard

Definition

CCE

Common Configuration Enumeration provides unique identifiers to system configuration issues for facilitating fast and accurate correlation of configuration data across multiple information sources and tools.

The compliance checking results produced by the appliance SCAP scan include the relevant CCE ID references for XCCDF and OVAL definitions for every rule checked as designated by the checklist definition.

CCE information is available both in the XCCDF result file and the appliance’s SCAP Scan Results page.

CPE

Common Platform Enumeration is a structured naming scheme for information technology systems, platforms, and packages. Based on the generic syntax for Uniform Resource Identifiers (URI), CPE includes a formal name format, a language for describing complex platforms, a method for checking names against a system, and a description format for binding text and tests to a name. In essence, CPE ensures that the security checklist is applied to the correct platform.

This information is available both in the XCCDF result file and the appliance’s SCAP Scan Results page.

CVE

Common Vulnerability and Exposures is a list or dictionary that provides standard identifiers (common names) for publicly known security vulnerabilities and software flaws.

The compliance checking results produced by the appliance SCAP scan include the relevant CVE ID references and OVAL definition for every rule checked in the checklist definition.

For every patch or vulnerability, CVE ID references are provided in the appliance’s SCAP Scan Result page.

The CVE information is stored in a patch result XML file generated by the scan. The file is available for inspection and verification in the Agent’s working directory and on the server’s SCAP Scan Results page.

CVSS

Common Vulnerability Scoring System provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. Its quantitative model helps ensure repeatable accurate measurement while enabling users to see the underlying vulnerability characteristics that were used to generate the scores. CVSS is well suited for industries, organizations, and governments that need accurate and consistent vulnerability impact scores. Among others, CVSS assists prioritizing vulnerability remediation activities and calculating the severity of vulnerabilities. The National Vulnerability Database (NVD) provides CVSS scores for almost all known vulnerabilities.

OVAL

Open Vulnerability and Assessment Language is an international, information security, community standard for promoting open and publicly available security content. It standardizes the transfer of this information across the entire spectrum of security tools and services.

The results of each OVAL test are written to several files on the target device and then compiled into a single result file on the appliance and displayed on the SCAP Scan Results page.

SCAP

Secure Content Automation Protocol is a set of open standards that enumerate software flaws, monitor security-related configurations and product names, and examine devices to determine the presence of vulnerabilities and rank (score) the impact of the discovered security issues. See About SCAP.

XCCDF

The eXtensible Configuration Checklist Description Format is a specification language for writing security checklists, benchmarks, and related documents. An XCCDF file contains a structured collection of security configuration rules for a set of target devices. The specification is designed to support information interchange, document generation, organizational and situational tailoring, automated compliance testing, and compliance scoring. See How a SCAP scan works.

SCAP supported versions and platforms

About SCAP

SCAP (Secure Content Automation Protocol), is a set of open standards that enumerate software flaws, monitor security-related configurations and product names, and examine systems to determine the presence of vulnerabilities and rank (score) the impact of the discovered security issues on Windows devices.

SCAP is maintained by the National Institute of Standards and Technology (NIST), and its use is mandated by government agencies such as the US OMB (United States Office of Management and Budget).

SCAP uses the US government’s National Vulnerability Database (NVD), which is a standards-based vulnerability management data repository. NVD includes databases of security checklists, security-related software flaws, misconfigurations, product names, and impact metrics. For more information on SCAP and NVD, go to the NIST websites at http://scap.nist.gov/index.html and http://nvd.nist.gov/.

SCAP supported versions and platforms

The appliance supports SCAP 1.0, 1.1, 1.2, and 1.3. SCAP is certified to run on Windows 7 and higher platforms (32-bit and 64-bit systems).

The appliance conducts SCAP scans using the KACE Agent software that is installed on managed devices. SCAP is not available for devices that do not have the KACE Agent software installed, such as Agentless devices.

How the appliance conducts SCAP scans

The appliance conducts SCAP scans by running scripts on selected Agent-managed devices using security configuration checklists from the National Checklist Repository.

For SCAP versions 1.0 and 1.1, the script checks the SCAP data stream written in XML formats using the following SCAP standards: CCE, CPE, CVE, CVSS, OVAL, and XCCDF. See Definitions of SCAP standards.

SCAP 1.2 and 1.3 add the concept of the Data Stream, where all of the individual results files are combined into a single XML file. In addition, these versions add a new output format called ARF (Asset Report Format 1.1). For more information, go to http://scap.nist.gov/specifications/arf/.

The appliance uses the Agent software to perform SCAP scan compliance checks. The results files are uploaded to the appliance or organization database and collated into a single file for reporting to a government agency (if required). Results are also displayed for each device on the appliance’s SCAP Scan Results page.

If the Organization component is enabled on your appliance, you view SCAP scan results for each organization separately.

SCAP uses the OVAL Interpreter version 5.10.1 and provides:

These features improve software security, threat assessment, and vulnerability correction.

Definitions of SCAP standards

SCAP scans monitor device security using specified protocols and standards.

Standard

Definition

CCE

Common Configuration Enumeration provides unique identifiers to system configuration issues for facilitating fast and accurate correlation of configuration data across multiple information sources and tools.

The compliance checking results produced by the appliance SCAP scan include the relevant CCE ID references for XCCDF and OVAL definitions for every rule checked as designated by the checklist definition.

CCE information is available both in the XCCDF result file and the appliance’s SCAP Scan Results page.

CPE

Common Platform Enumeration is a structured naming scheme for information technology systems, platforms, and packages. Based on the generic syntax for Uniform Resource Identifiers (URI), CPE includes a formal name format, a language for describing complex platforms, a method for checking names against a system, and a description format for binding text and tests to a name. In essence, CPE ensures that the security checklist is applied to the correct platform.

This information is available both in the XCCDF result file and the appliance’s SCAP Scan Results page.

CVE

Common Vulnerability and Exposures is a list or dictionary that provides standard identifiers (common names) for publicly known security vulnerabilities and software flaws.

The compliance checking results produced by the appliance SCAP scan include the relevant CVE ID references and OVAL definition for every rule checked in the checklist definition.

For every patch or vulnerability, CVE ID references are provided in the appliance’s SCAP Scan Result page.

The CVE information is stored in a patch result XML file generated by the scan. The file is available for inspection and verification in the Agent’s working directory and on the server’s SCAP Scan Results page.

CVSS

Common Vulnerability Scoring System provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. Its quantitative model helps ensure repeatable accurate measurement while enabling users to see the underlying vulnerability characteristics that were used to generate the scores. CVSS is well suited for industries, organizations, and governments that need accurate and consistent vulnerability impact scores. Among others, CVSS assists prioritizing vulnerability remediation activities and calculating the severity of vulnerabilities. The National Vulnerability Database (NVD) provides CVSS scores for almost all known vulnerabilities.

OVAL

Open Vulnerability and Assessment Language is an international, information security, community standard for promoting open and publicly available security content. It standardizes the transfer of this information across the entire spectrum of security tools and services.

The results of each OVAL test are written to several files on the target device and then compiled into a single result file on the appliance and displayed on the SCAP Scan Results page.

SCAP

Secure Content Automation Protocol is a set of open standards that enumerate software flaws, monitor security-related configurations and product names, and examine devices to determine the presence of vulnerabilities and rank (score) the impact of the discovered security issues. See About SCAP.

XCCDF

The eXtensible Configuration Checklist Description Format is a specification language for writing security checklists, benchmarks, and related documents. An XCCDF file contains a structured collection of security configuration rules for a set of target devices. The specification is designed to support information interchange, document generation, organizational and situational tailoring, automated compliance testing, and compliance scoring. See How a SCAP scan works.

How the appliance conducts SCAP scans

About SCAP

SCAP (Secure Content Automation Protocol), is a set of open standards that enumerate software flaws, monitor security-related configurations and product names, and examine systems to determine the presence of vulnerabilities and rank (score) the impact of the discovered security issues on Windows devices.

SCAP is maintained by the National Institute of Standards and Technology (NIST), and its use is mandated by government agencies such as the US OMB (United States Office of Management and Budget).

SCAP uses the US government’s National Vulnerability Database (NVD), which is a standards-based vulnerability management data repository. NVD includes databases of security checklists, security-related software flaws, misconfigurations, product names, and impact metrics. For more information on SCAP and NVD, go to the NIST websites at http://scap.nist.gov/index.html and http://nvd.nist.gov/.

SCAP supported versions and platforms

The appliance supports SCAP 1.0, 1.1, 1.2, and 1.3. SCAP is certified to run on Windows 7 and higher platforms (32-bit and 64-bit systems).

The appliance conducts SCAP scans using the KACE Agent software that is installed on managed devices. SCAP is not available for devices that do not have the KACE Agent software installed, such as Agentless devices.

How the appliance conducts SCAP scans

The appliance conducts SCAP scans by running scripts on selected Agent-managed devices using security configuration checklists from the National Checklist Repository.

For SCAP versions 1.0 and 1.1, the script checks the SCAP data stream written in XML formats using the following SCAP standards: CCE, CPE, CVE, CVSS, OVAL, and XCCDF. See Definitions of SCAP standards.

SCAP 1.2 and 1.3 add the concept of the Data Stream, where all of the individual results files are combined into a single XML file. In addition, these versions add a new output format called ARF (Asset Report Format 1.1). For more information, go to http://scap.nist.gov/specifications/arf/.

The appliance uses the Agent software to perform SCAP scan compliance checks. The results files are uploaded to the appliance or organization database and collated into a single file for reporting to a government agency (if required). Results are also displayed for each device on the appliance’s SCAP Scan Results page.

If the Organization component is enabled on your appliance, you view SCAP scan results for each organization separately.

SCAP uses the OVAL Interpreter version 5.10.1 and provides:

These features improve software security, threat assessment, and vulnerability correction.

Definitions of SCAP standards

SCAP scans monitor device security using specified protocols and standards.

Standard

Definition

CCE

Common Configuration Enumeration provides unique identifiers to system configuration issues for facilitating fast and accurate correlation of configuration data across multiple information sources and tools.

The compliance checking results produced by the appliance SCAP scan include the relevant CCE ID references for XCCDF and OVAL definitions for every rule checked as designated by the checklist definition.

CCE information is available both in the XCCDF result file and the appliance’s SCAP Scan Results page.

CPE

Common Platform Enumeration is a structured naming scheme for information technology systems, platforms, and packages. Based on the generic syntax for Uniform Resource Identifiers (URI), CPE includes a formal name format, a language for describing complex platforms, a method for checking names against a system, and a description format for binding text and tests to a name. In essence, CPE ensures that the security checklist is applied to the correct platform.

This information is available both in the XCCDF result file and the appliance’s SCAP Scan Results page.

CVE

Common Vulnerability and Exposures is a list or dictionary that provides standard identifiers (common names) for publicly known security vulnerabilities and software flaws.

The compliance checking results produced by the appliance SCAP scan include the relevant CVE ID references and OVAL definition for every rule checked in the checklist definition.

For every patch or vulnerability, CVE ID references are provided in the appliance’s SCAP Scan Result page.

The CVE information is stored in a patch result XML file generated by the scan. The file is available for inspection and verification in the Agent’s working directory and on the server’s SCAP Scan Results page.

CVSS

Common Vulnerability Scoring System provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. Its quantitative model helps ensure repeatable accurate measurement while enabling users to see the underlying vulnerability characteristics that were used to generate the scores. CVSS is well suited for industries, organizations, and governments that need accurate and consistent vulnerability impact scores. Among others, CVSS assists prioritizing vulnerability remediation activities and calculating the severity of vulnerabilities. The National Vulnerability Database (NVD) provides CVSS scores for almost all known vulnerabilities.

OVAL

Open Vulnerability and Assessment Language is an international, information security, community standard for promoting open and publicly available security content. It standardizes the transfer of this information across the entire spectrum of security tools and services.

The results of each OVAL test are written to several files on the target device and then compiled into a single result file on the appliance and displayed on the SCAP Scan Results page.

SCAP

Secure Content Automation Protocol is a set of open standards that enumerate software flaws, monitor security-related configurations and product names, and examine devices to determine the presence of vulnerabilities and rank (score) the impact of the discovered security issues. See About SCAP.

XCCDF

The eXtensible Configuration Checklist Description Format is a specification language for writing security checklists, benchmarks, and related documents. An XCCDF file contains a structured collection of security configuration rules for a set of target devices. The specification is designed to support information interchange, document generation, organizational and situational tailoring, automated compliance testing, and compliance scoring. See How a SCAP scan works.

Definitions of SCAP standards

About SCAP

SCAP (Secure Content Automation Protocol), is a set of open standards that enumerate software flaws, monitor security-related configurations and product names, and examine systems to determine the presence of vulnerabilities and rank (score) the impact of the discovered security issues on Windows devices.

SCAP is maintained by the National Institute of Standards and Technology (NIST), and its use is mandated by government agencies such as the US OMB (United States Office of Management and Budget).

SCAP uses the US government’s National Vulnerability Database (NVD), which is a standards-based vulnerability management data repository. NVD includes databases of security checklists, security-related software flaws, misconfigurations, product names, and impact metrics. For more information on SCAP and NVD, go to the NIST websites at http://scap.nist.gov/index.html and http://nvd.nist.gov/.

SCAP supported versions and platforms

The appliance supports SCAP 1.0, 1.1, 1.2, and 1.3. SCAP is certified to run on Windows 7 and higher platforms (32-bit and 64-bit systems).

The appliance conducts SCAP scans using the KACE Agent software that is installed on managed devices. SCAP is not available for devices that do not have the KACE Agent software installed, such as Agentless devices.

How the appliance conducts SCAP scans

The appliance conducts SCAP scans by running scripts on selected Agent-managed devices using security configuration checklists from the National Checklist Repository.

For SCAP versions 1.0 and 1.1, the script checks the SCAP data stream written in XML formats using the following SCAP standards: CCE, CPE, CVE, CVSS, OVAL, and XCCDF. See Definitions of SCAP standards.

SCAP 1.2 and 1.3 add the concept of the Data Stream, where all of the individual results files are combined into a single XML file. In addition, these versions add a new output format called ARF (Asset Report Format 1.1). For more information, go to http://scap.nist.gov/specifications/arf/.

The appliance uses the Agent software to perform SCAP scan compliance checks. The results files are uploaded to the appliance or organization database and collated into a single file for reporting to a government agency (if required). Results are also displayed for each device on the appliance’s SCAP Scan Results page.

If the Organization component is enabled on your appliance, you view SCAP scan results for each organization separately.

SCAP uses the OVAL Interpreter version 5.10.1 and provides:

These features improve software security, threat assessment, and vulnerability correction.

Definitions of SCAP standards

SCAP scans monitor device security using specified protocols and standards.

Standard

Definition

CCE

Common Configuration Enumeration provides unique identifiers to system configuration issues for facilitating fast and accurate correlation of configuration data across multiple information sources and tools.

The compliance checking results produced by the appliance SCAP scan include the relevant CCE ID references for XCCDF and OVAL definitions for every rule checked as designated by the checklist definition.

CCE information is available both in the XCCDF result file and the appliance’s SCAP Scan Results page.

CPE

Common Platform Enumeration is a structured naming scheme for information technology systems, platforms, and packages. Based on the generic syntax for Uniform Resource Identifiers (URI), CPE includes a formal name format, a language for describing complex platforms, a method for checking names against a system, and a description format for binding text and tests to a name. In essence, CPE ensures that the security checklist is applied to the correct platform.

This information is available both in the XCCDF result file and the appliance’s SCAP Scan Results page.

CVE

Common Vulnerability and Exposures is a list or dictionary that provides standard identifiers (common names) for publicly known security vulnerabilities and software flaws.

The compliance checking results produced by the appliance SCAP scan include the relevant CVE ID references and OVAL definition for every rule checked in the checklist definition.

For every patch or vulnerability, CVE ID references are provided in the appliance’s SCAP Scan Result page.

The CVE information is stored in a patch result XML file generated by the scan. The file is available for inspection and verification in the Agent’s working directory and on the server’s SCAP Scan Results page.

CVSS

Common Vulnerability Scoring System provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. Its quantitative model helps ensure repeatable accurate measurement while enabling users to see the underlying vulnerability characteristics that were used to generate the scores. CVSS is well suited for industries, organizations, and governments that need accurate and consistent vulnerability impact scores. Among others, CVSS assists prioritizing vulnerability remediation activities and calculating the severity of vulnerabilities. The National Vulnerability Database (NVD) provides CVSS scores for almost all known vulnerabilities.

OVAL

Open Vulnerability and Assessment Language is an international, information security, community standard for promoting open and publicly available security content. It standardizes the transfer of this information across the entire spectrum of security tools and services.

The results of each OVAL test are written to several files on the target device and then compiled into a single result file on the appliance and displayed on the SCAP Scan Results page.

SCAP

Secure Content Automation Protocol is a set of open standards that enumerate software flaws, monitor security-related configurations and product names, and examine devices to determine the presence of vulnerabilities and rank (score) the impact of the discovered security issues. See About SCAP.

XCCDF

The eXtensible Configuration Checklist Description Format is a specification language for writing security checklists, benchmarks, and related documents. An XCCDF file contains a structured collection of security configuration rules for a set of target devices. The specification is designed to support information interchange, document generation, organizational and situational tailoring, automated compliance testing, and compliance scoring. See How a SCAP scan works.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating