comprep

On-demand Compliance Reports

Security Compliance can generate Compliance Reports on demand. Reports help you assess the security status of clients managed by the OfficeScan server.

For more information on Compliance Reports, see Security Compliance for Managed Clients.

To generate an on-demand Compliance Report:

• Security Compliance > Compliance Assessment > Compliance Report

1. Go to the Client Tree Scope section.

2. Select the root domain or a domain and click Assess.

3. View Compliance Report for client services. For details about client services, see Services.

1. Click the Services tab.

2. Under Computers with Non-compliant Services, check the number of clients with non-compliant services.

3. Click a number link to display all affected clients in the client tree.

4. Select clients from the query result.

5. Click Restart OfficeScan Client to restart the service.

• After performing another assessment and the client still appears as non-compliant, manually restart the service on the client computer.

6. To save the list of clients to a file, click Export.

4. View Compliance Report for client components. For details about client components, see Components.

1. Click the Components tab.

2. Under Computers with Inconsistent Component Versions, check the number of clients with component versions that are inconsistent with the versions on the server.

3. Click a number link to display all affected clients in the client tree.

• If at least one client has a more up-to-date component than the OfficeScan server, manually update the OfficeScan server.

4. Select clients from the query result.

5. Click Update Now to force clients to download components.

Notes:

• To ensure that clients can upgrade the client program, disable the Clients can update components but not upgrade the client program or deploy hot fixes option in Networked Computers > Client Management > Settings > Privileges and Other Settings.

• Restart the computer instead of clicking Update Now to update the Common Firewall Driver.

6. To save the list of clients to a file, click Export.

5. View Compliance Report for scans. For details about scans, see Scan Compliance.

1. Click the Scan Compliance tab.

2. Under Computers with Outdated Scanning, configure the following:

• Number of days a client has not performed Scan Now or Scheduled Scan

• Number of hours Scan Now or Scheduled Scan is running

• If the number of days or hours is exceeded, the client is treated as non-compliant.

3. Click Assess next to the Client Tree Scope section.

4. Under Computers with Outdated Scanning, check the number of clients that satisfy the scan criteria.

5. Click a number link to display all affected clients in the client tree.

6. Select clients from the query result.

7. Click Scan Now to initiate Scan Now on clients.

• To avoid repeating the scan, the Scan Now option will be disabled if Scan Now lasted more than the specified number of hours.

8. To save the list of clients to a file, click Export.

6. View Compliance Report for settings. For details about settings, see Settings.

1. Click the Settings tab.

2. Under Computers with Inconsistent Configuration Settings, check the number of clients with settings inconsistent with the client tree domain settings.

3. Click a number link to display all affected clients in the client tree.

4. Select clients from the query result.

5. Click Apply Domain Settings.

6. To save the list of clients to a file, click Export.

See also:

• Security Compliance

• Security Compliance for Managed Clients

• Scheduled Compliance Reports

• Security Compliance for Unmanaged Endpoints