Capture and report on device patches and security settings

Capture and report on device patches and security settings

Brief Description

We would find it valuable to be able to capture and report on the status of simple security settings and applied patches on discovered devices.  Specifically a list of all installed patches, status of firewall (on/off), disk encryption, firewall rules, anything else that's relevant? This could be used for compliance reporting and a would make a great feature for a "security" widget.

I've attached a picture of VMWare's Airwatch implementation, simple but effective.

security_attributes.png

Benefits / Value

Having the capability to quickly and easily report on applied patches and security settings across discovered devices would provide value when major vulnerabilities are released or prior to an audit.  Although this capability exists in many other desktop management tools, it seems straight-froward to bring it into CMDB and it would provide clients with peace of mind knowing their respective environments are up-to-date. 

Design details

To avoid clutter with installed applications, KB's and patches should exists as their own CI Type.  This way you can do things such as integrate installed software with Asset Management and/or Service Management but not clutter those databases with large amounts of patch data by exluding the "patch CI type".

Other security settings could be captured as attributes of a node.

1 Comment
doronorbach Honored Contributor.
Honored Contributor.
Status changed to: Waiting for Votes

Thank you Mike!

The idea has received an initial review to ensure adherence to our idea submission and community guidelines. We ask the community to help prioritize the idea with comments and community support (votes/kudos).

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.