The SilverBack patch scanning feature monitors your Windows devices, reports upon software inventory changes, and alerts you to any missing patches. The resulting reports provide a means of downloading the necessary Microsoft security patches, minimizing productivity loss and reducing network load.
By default, patch scans automatically run weekly on Sundays at 6:00 PM for managed devices you select. Unmanaged devices are not scanned. You can also run patch scans on demand.
The SilverBack vulnerability scanning feature monitors your network devices for known vulnerabilities, such as exploitable services or configuration issues, and alerts you to any vulnerabilities. You can scan any network device for vulnerabilities, including Windows and UNIX systems, routers and even network-attached printers.
By default, vulnerability scans run weekly on Sundays at 1:02 AM for managed devices you select. Unmanaged devices are not scanned. You can also run vulnerability scans on demand. Vulnerabilities are updated each time a device is scanned.
This topic takes you through the minimum steps required to perform a customer security audit:
From the Security category page click on the Browse Patch Scans link to display the Patch Scans report.
Click on the patch scan you want to run, then select the More > Scan Now option.
The targeted devices will now be scanned for missing patches.
From the Security category page click on the Browse Vulnerability Scans link to display the Vulnerability Scans report.
Click on the vulnerability scan you want to run, then select the More > Scan Now option.
The targeted devices will now be scanned for vulnerabilities.
Patch audit reports include:
Missing Patches By Device Report - Identifies the Windows devices in your environment that are missing Microsoft security patches. The report enables you to quickly determine a priority for security patch installation based on your most mission critical systems.
Missing Patch Detail Report - Enables you to view security bulletin information about all or just a single Windows device.
Missing Patches By Bulletin Report - Enables you to obtain detailed information about each of the currently available Microsoft security bulletins, and the number of vulnerable Windows devices on your network that are affected by missing security patches.
Missing Patches by Patch Scan Report - Identifies the Windows devices in your environment that are missing Microsoft security patches, sorted by Patch Scan name.
Missing Patches By Product Report - Enables you to view the Microsoft products running on your scanned Windows devices, and the number of missing security patches for each. This report enables you to quickly determine which Microsoft products on your network are most at risk. These generally includes the operating system and all its base components, and SQL Server.
Patch Compliance Report - Enables you to see if the Windows devices on your network are in compliance with all current Microsoft security patches. The goal is to have a zero number of vulnerable devices affected by missing security patches. From this report, you can download the necessary Microsoft security patches.
Each patch audit report includes filters that you can use to narrow or widen the scope of the report, or navigate to other reports:
Report Type - Enables you to display related reports
Show - Enables you to view security bulletin information about all, or about a single, Windows device
From the Security category page click on the Browse Patch Scan Results link to display the Missing Patches By Device report.
On any patch audit report, select the report name from the Report Type filter.
Click on the Refresh button.
The selected report displays.
Vulnerability audit reports include:
|
Report |
Description |
|
Vulnerability Summary By Device |
Displays the total number of security vulnerabilities found per device during the last vulnerability scan |
|
Vulnerability Summary By Vulnerability Scan |
Displays the total number of security vulnerabilities found per vulnerability scan during the last vulnerability scan |
|
Vulnerability Audits |
Displays security vulnerabilities found during the last vulnerability scan |
|
Discovered Ports |
Displays all ports discovered during the vulnerability scan |
|
Discovered Windows Process |
Displays all Windows processes discovered during the vulnerability scan |
|
Discovered Windows Services |
Displays all Windows services discovered during the vulnerability scan |
|
Discovered Windows Shares |
Displays all Windows shares discovered during the vulnerability scan |
|
Discovered Windows Users |
Displays all Windows users discovered during the vulnerability scan |
Each vulnerability audit report includes filters that you can use to narrow or widen the scope of the report, or navigate to other reports:
Report Type - Enables you to display related reports
Show - Enables you to view vulnerability information about all, or about a single, Windows device
Target - Enables you to view vulnerability information about there following target types:
All - All managed assets
Networks - Routers, switches and firewalls
Systems - Windows servers and desktops, Exchange, HP-UX, Solaris, SCO, AIX and Linux servers, and printers
Applications - Exchange, Active Directory, Oracle and SQL Server
Other - Assets that cannot be classified as either systems or networks
From the Security page click on the Browse Vulnerability Scan Results link to display the Vulnerability Summary By Device (All) report.
On any vulnerability audit report, select the report name from the Report Type filter.
Click on the Refresh button.
The selected report displays.
