compsman
Security Compliance generates a Compliance Report to help you assess the security status of clients managed by the OfficeScan server. Security Compliance generates the report on demand or according to a schedule.
On-demand and scheduled reports are available on the Compliance Report screen. The screen contains the following tabs:
Services: Use this tab to check if client services are functional. For details, see Services.
Components: Use this tab to check if clients have up-to-date components. For details, see Components.
Scan Compliance: Use this tab to check if clients are running scans regularly. For details, see Scan Compliance.
Settings: Use this tab to check if client settings are consistent with the settings on the server. For details, see Settings.
The Components tab can display OfficeScan clients running the current and earlier versions of the product. For the other tabs, only OfficeScan clients running version 10.5 or later are shown.
Security Compliance queries the clients’ connection status before generating a Compliance Report. It includes online and offline clients in the report, but not roaming clients.
For role-based user accounts:
Each web console user account has a completely independent set of Compliance Report settings. Any changes to a user account’s Compliance Report settings will not affect the settings of the other user accounts.
The scope of the report depends on the client domain permissions for the user account. For example, if you grant a user account permissions to manage domains A and B, the user account’s reports will only show data from clients belonging to domains A and B.
For details about user accounts, see Role-based Administration.
Security Compliance checks whether the following OfficeScan client services are functional:
Antivirus
Anti-spyware
Firewall
Web Reputation
Behavior Monitoring/Device Control (also referred to as Trend Micro Unauthorized Change Prevention Service)
Data Protection
A non-compliant client is counted at least twice in the Compliance Report.
Compliance Report - Services tab
In the Computers with Non-compliant Services category
In the category for which the client is non-compliant. For example, if the client’s Antivirus service is not functional, the client is counted in the Antivirus category. If more than one service is not functional, the client is counted in each category for which it is non-compliant.
Restart non-functional services from the web console or from the client computer. If the services are functional after the restart, the client will no longer appear as non-compliant during the next assessment.
Security Compliance determines component version inconsistencies between the OfficeScan server and clients. Inconsistencies typically occur when clients cannot connect to the server to update components. If the client obtains updates from another source (such as the Trend Micro ActiveUpdate server), it is possible for a client’s component version to be newer than the version on the server.
Security Compliance checks the following components:
|
|
A non-compliant client is counted at least twice in the Compliance Report.
Compliance Report - Components tab
In the Computers with Inconsistent Component Versions category
In the category for which the client is non-compliant. For example, if the client’s Smart Scan Agent Pattern version is not consistent with the version on the server, the client is counted in the Smart Scan Agent Pattern category. If more than one component version is inconsistent, the client is counted in each category for which it is non-compliant.
To resolve component version inconsistencies, update outdated components on the clients or server.
Security Compliance checks if Scan Now or Scheduled Scan are run regularly and if these scans are completed within a reasonable amount of time.
Security Compliance can only report the Scheduled Scan status if Scheduled Scan is enabled on clients.
Security Compliance uses the following scan compliance criteria:
No Scan Now or Scheduled Scan performed for the last (x) days: A client is non-compliant if it did not run Scan Now or Scheduled Scan within the specified number of days.
Scan Now or Scheduled Scan exceeded (x) hours: A client is non-compliant if the last Scan Now or Scheduled Scan lasted more than the specified number of hours.
A non-compliant client is counted at least twice in the Compliance Report.
Compliance Report - Scan Compliance tab
In the Computers with Outdated Scanning category
In the category for which the client is non-compliant. For example, if the last Scheduled Scan lasted more than the specified number of hours, the client is counted in the Scan Now or Scheduled Scan exceeded <x> hours category. If the client satisfies more than one scan compliance criteria, it is counted in each category for which it is non-compliant.
Run Scan Now or Scheduled Scan on clients that have not performed scan tasks or were unable to complete scanning.
Security Compliance determines whether clients and their parent domains in the client tree have the same settings. The settings may not be consistent if you move a client to another domain that is applying a different set of settings, or if a client user with certain privileges manually configured settings on the client console.
OfficeScan verifies the following settings:
|
|
A non-compliant client is counted at least twice in the Compliance Report.
Compliance Report - Settings tab
In the Computers with Inconsistent Configuration Settings category
In the category for which the client is non-compliant. For example, if the scan method settings in the client and its parent domain are not consistent, the client is counted in the Scan Method category. If more than one set of settings is inconsistent, the client is counted in each category for which it is non-compliant.
To resolve the setting inconsistencies, apply domain settings to the client.
See also: