Compliance_report
Compliance Report ensures that OfficeScan clients managed by the server have the correct services, latest components, consistent settings, or are running scans regularly. For details, refer to Enforcing Security Compliance.
Remember the following:
Compliance Report includes online and offline clients, but not roaming clients.
OfficeScan queries the connection status at the time of assessment. Results will not display changes made after assessment.
When using role-based accounts, you can retain the scan compliance and scheduled compliance report settings for your account.
The tasks you need to perform to ensure compliance:
Configure compliance criteria for Scan Compliance.
Select the domain from the Client Tree Scope and click Assess to get the latest data.
Configure the action on non-compliant clients.
Configure Scheduled Assessments.
Compliance Report contains the following sections or tabs:
Only the Components tab displays clients running earlier OfficeScan versions. Services, Scan Compliance, and Settings will only display OfficeScan 10.5 clients.
Service compliance determines whether computers in the network have the correct services and if these services are functional. Users might have disabled OfficeScan services or there might be some issues with these services.
Use Scheduled Compliance Report to verify status of OfficeScan client services.
OfficeScan verifies the following services:
Service compliance counts a client
with several non-compliant services:
- Once for each of the services for which it
is non-compliant. For example, if a client's Antivirus and Anti-spyware
services are non-compliant, OfficeScan adds the client to the Antivirus
category, and again to the Anti-spyware category.
- Once in the Computers with Non-compliant Services
category.
Antivirus
Anti-spyware
Firewall
Web Reputation
Behavior Monitoring/Device Control
When a non-compliant client is reported, restart the client. If the client services are functional after the restart, the client will no longer appear as non-compliant during the next assessment. Refer to Enforcing Security Compliance.
Component compliance determines component inconsistencies between the OfficeScan server and clients. Inconsistencies typically occur when clients cannot connect to the server to update components. If the client obtains an update from another source (such as the ActiveUpdate server), it is possible for a component in the client to be newer than the one in the server.
Use Scheduled Compliance Report to verify status of OfficeScan client components.
OfficeScan verifies the following components:
Security compliance counts a client
with several inconsistent component versions:
- Once for each of the inconsistent component
versions. For example, if a client's Antivirus and Anti-spyware components
are outdated, OfficeScan adds the client in the Antivirus category, and
again in the Anti-spyware category.
- Once in the Computers with Inconsistent Component
Versions category.
Smart Scan Agent Pattern
Virus Pattern
IntelliTrap Pattern
IntelliTrap Exception Pattern
Virus Scan Engine
Spyware Pattern
Spyware Active-monitoring Pattern
Spyware Scan Engine
Virus Cleanup Template
Virus Cleanup Engine
Common Firewall Pattern
Common Firewall Driver
Behavior Monitoring Driver
Behavior Monitoring Core Service
Behavior Monitoring Configuration Pattern
Digital Signature Pattern
Policy Enforcement Pattern
Behavior Monitoring Detection Pattern
Program Version
Update components to ensure security compliance. Refer to Enforcing Client Updates. When clicking Update Now, remember the following:
Disable the Clients can update components but not upgrade the client program or deploy hot fixes option on Client Management > Privileges and Other Settings to ensure that OfficeScan can upgrade the client program.
Restart the computer instead of clicking Update Now to update the Common Firewall Driver.
If the client has a more updated component than the OfficeScan server, manually update the OfficeScan server.
Scan compliance checks if Scan Now or Scheduled Scan are run regularly and if these scans are completed within a reasonable amount of time. Run Scan Now or Scheduled Scan on clients that have not performed scan tasks or were unable to complete scanning.
Use Scheduled Compliance Report to verify scan compliance status of OfficeScan clients.
OfficeScan verifies the following:
Scan compliance counts a client
with several scan issues:
- Once for each of the scan compliance rules.
If a client has not completed a Scheduled Scan, and Scan Now exceeded
the specified amount of time, OfficeScan adds the client in both categories.
- Once in the Computers with Outdated Scanning
category.
Scan Compliance only assesses clients if Scheduled Scan has been enabled.
No Scan Now or Scheduled Scan performed for the last (x) days
Scan Now or Scheduled Scan exceeded (x) hours
Initiate Scan Now on non-compliant clients to ensure security compliance. Refer to Enforcing Security Compliance.
Configuration compliance determines whether clients have the same configurations as their parent domains in the client tree. Configurations may be inconsistent if you move a client to another domain that is applying a different set of configurations, or if a client user with certain privileges manually configured settings on the client console.
Use Scheduled Compliance Report to verify status of OfficeScan client settings.
OfficeScan verifies the following settings:
Settings compliance counts a client
with several inconsistent settings:
- Once for each of the inconsistent settings.
For example, if a client's Real-time Scan and Manual Scan settings are
inconsistent, OfficeScan adds the client in the Real-time Scan settings
category, and again in the Manual Scan settings category.
- Once in the Computers with Inconsistent Settings
category.
Scan Method
Manual Scan Settings
Real-time Scan Settings
Scheduled Scan Settings
Scan Now Settings
Privileges and Other Settings
Additional Service Settings
Web Reputation
Behavior Monitoring
Device Control
Spyware/Grayware Approved List
Apply domain settings to ensure security compliance. Refer to Enforcing Security Compliance.
See also: