Server & Workload Protection has many tasks that you might want to perform
automatically on a regular basis. Scheduled tasks are useful when deploying Server & Workload Protection in your environment and also later, to keep
your system up to date and functioning smoothly. They are especially useful for running
scans on a regular basis during off-peak hours.
TipYou can automate scheduled task creation and configuration using the Server & Workload Protection API. For examples, see the Maintain
Protection Using Scheduled Tasks.
|
Create scheduled tasks
To set up a scheduled task in the Server & Workload Protection
console, click Administration > Scheduled Tasks >
New. This opens the "New Scheduled Task Wizard", which takes you
through the steps to create a scheduled task.
Server & Workload Protection performs some tasks (for example, backup
and checking for software updates) automatically.
Check for Security Updates: Regularly check for security updates and
import them into Server & Workload Protection when they are
available. For most organizations, performing this task once daily is ideal.
NoteThe "Check for Security Updates" task ignores offline hosts that have been
uncommunicative for 30 days or more.
|
Generate and Send Report: Automatically generate reports and optionally
have them emailed to a list of users.
Scan Computers for Integrity Changes: Causes the Server & Workload Protection to perform an Integrity Scan to compare
a computer's current state against its baseline.
Scan computers for Malware: Schedules a Malware Scan. The configuration
of the scan is specified on the Policy or Computer Editor > Anti-Malware page for
each computer. For most organizations, performing this task once weekly (or
according to your organization’s policies) is ideal. When you configure this task,
you can specify a timeout value for the scan. The timeout option is available for
daily, weekly, monthly, and once-only scans. It is not available for hourly scans.
When a scheduled malware scan is running and the timeout limit has been reached, any
tasks that are currently running or pending are canceled.
TipWhen a Scan Computers for Malware task times out, the next scheduled
scan starts over from the beginning (it does not start where the previous scan
ended). The goal is to perform a complete scan, so consider making some
configuration changes if your scans regularly reach the timeout limit. You can
change the malware scan configuration to add some exceptions, or extend the
timeout period.
|
Scan Computers for Recommendations: Causes Server & Workload Protection to scan the computer(s) for common
applications and then make recommendations based on what is detected. Performing
regular recommendation scans ensures that your computers are protected by the latest
relevant rule sets and that those that are no longer required are removed. If you
have set the "Automatically implement Recommendations" option for each of the three
protection modules that support it, Server & Workload Protection
will assign and unassign rules that are required. If rules are identified that
require special attention, an alert will be raised to notify you. For most
organizations, performing this task once a week is ideal.
NoteRecommendation Scans can be CPU-intensive, so when scheduling Recommendation
Scans, it is best practice to set the task by group (for example, per policy or
for a group of computers, no more than 1,000 machines per group) and spread it
in different days (for example, database server scans scheduled every Monday;
mail server scans scheduled every Tuesday, and so on). Schedule Recommendation
Scans more frequently for systems that change often.
|
Scheduled Agent Upgrade Task: Schedules an agent upgrade. You can
reference Upgrade best practices for agents to help you determine the best
schedule for agent upgrades.
TipYou can configure this task to upgrade the agent to the latest version, or one of
the two versions before it. The exact version the agent will upgrade to is
determined when the scheduled task is executed. The examples provided within the
scheduled task configuration wizard are based on the Red Hat Enterprise Linux
agent versions.
|
NoteIf you set Agent Version Control to a specific version on a certain platform,
then the Scheduled Agent Upgrade Task does not upgrade the agent on that
platform.
|
Send Outstanding Alert Summary: Generate an email listing all
outstanding (unresolved) alerts.
Send Policy: Regularly check for and send updated policies. Scheduled
updates allow you to follow an existing change control process. Scheduled tasks can
be set to update machines during maintenance windows, off hours, etc.
Synchronize Cloud Account: Synchronize the Computers list with an added
cloud account. (Only available if you have added a cloud account to Server & Workload Protection. Applies to Azure and vCloud accounts
only. Not available for other cloud account types such as AWS and Google Cloud
Platform (GCP).)
Enable or disable a scheduled task
Existing scheduled tasks can be enabled or disabled. For example, you might want to
temporarily disable a scheduled task while you perform certain administrative duties
during which you don't want any activity to occur. The control to enable or disable
a scheduled task is on the General tab of the Task's Properties window.
Set up scheduled reports
Scheduled reports are scheduled tasks that periodically generate and distribute reports
to users and contacts (this feature used to be named "Recurring Reports"). Most of
the options are identical to those for single reports, with the exception of the time
filter.
TipTo generate a report on specific computers from multiple computer groups, create a
user who has viewing rights only to the computers in question and then either create
a scheduled task to regularly generate an "All Computers" report for that user or
sign in as that user and run an "All Computers" report. Only the computers to which
that user has viewing rights will be included in the report.
|