outside_server_management

Outside Server Management

Ensure security compliance for computers within the network domains, but not managed by the OfficeScan server. Use Active Directory and IP addresses to query and determine non-compliant computers.

After querying Active Directory or IP addresses, the Web console displays the security status of computers. The security status can be any of the following:

Computer protection status

Status

Description

Managed by another OfficeScan server

The OfficeScan clients installed on the computers are managed by another OfficeScan server. Clients are online and run either this OfficeScan version or an earlier version.

No OfficeScan client installed

The OfficeScan client is not installed on the computer.

Unreachable

The OfficeScan server cannot connect to the computer and determine the status of the client.

Unresolved Active Directory Assessment

The computer is a part of the Active Directory domain but OfficeScan is unable to determine the status.

  • The OfficeScan server database contains a list of clients that the server manages. The server queries Active Directory for the computers' GUIDs and then compares them with GUIDs stored in the database. If a GUID is not in the database, the computer will fall under the Unresolved Active Directory Assessment category.

To use Outside Server Management, ensure that the OfficeScan server computer is part of the network to query Active Directory domains and IP addresses.

To enforce security compliance, perform the following tasks:

  1. Define Active Directory/IP Address Scope and Query.

  2. Check unprotected computers from the Query Result.

  3. Install the OfficeScan client. Refer to Installing with Security Compliance.

  4. Configure Scheduled Query.

Active Directory/IP Address Scope and Query

When using Outside Server Management for the first time, define the Active Directory/IP address scope, which includes Active Directory objects and IP addresses that the OfficeScan server will query on demand or periodically. After defining the scope, start the query process.

  1. On the Active Directory/IP Address Scope section, click Define.

  2. In the screen that opens, use Active Directory and/or IP address to query:

  3. Click the plus () or minus () button to add or delete IP address ranges.

  4. Under Advanced Setting, specify ports used by OfficeScan servers to communicate with clients. Setup randomly generates the port number during OfficeScan server installation.

    1. Click Specify ports.

    2. Type the port number and click Add. Repeat this step until you have all the port numbers you want to add.

    3. Click Save.

  5. Choose whether to check a computer’s connectivity using a particular port number. When connection is not established, OfficeScan immediately treats the computer as unreachable. The default port number is 135.

  6. To save the scope and start the query, click Save and re-assess. To save the settings only, click Save only.

The Outside Server Management screen displays the result of the query.

Query Result

The Security Status section classifies computers as:

Refer to Computer protection status.

Recommended tasks: >>>

  1. On the Security Status section, click a number link to display all affected computers.

  2. Use the search and advanced search functions to search and display only the computers that meet the search criteria.

  3. If you use the advanced search function, specify the following items:

    OfficeScan will not return a result if the name is incomplete. Use the wildcard character (*) if unsure of the complete name.

  4. To save the list of computers to a file, click Export.

  5. For clients managed by another OfficeScan server, use the Client Mover tool to have these clients managed by the current OfficeScan server. For more information about this tool, see Client Mover.

Scheduled Query

Configure Outside Server Management to periodically query the Active Directory and IP addresses to ensure that security guidelines are implemented.

  1. Enable scheduled query.

  2. Specify the schedule.

  3. Click Save.

See also: