For the existing sets of vulnerability and compliance audit rules, you can add jobs that the application uses to perform device scans.
Only users with the Administrator role can add vulnerability and compliance audit jobs.
The vulnerability and compliance audit job is configured using the Wizard. The Wizard guides you step by step through the configuration of all required job settings. After the configuration is complete, you can wait for the scheduled scans to start on devices or start the scan job manually.
When adding a vulnerability and compliance audit job, you can invoke the Configuration Wizard in the following ways:
In the Configuration Wizard settings, the selected rule set is specified as default.
The Configuration Wizard settings do not have the default values.
The default values of the Configuration Wizard settings are set to the values of the existing job settings.
In the Configuration Wizard settings, a list of devices consisting of the selected devices is generated by default.
To configure job settings in the Configuration Wizard window:
You can create a list of devices using the Add to job and Delete from job buttons. When you add devices, the application opens a window with a table of devices for selection. You can filter and sort the table to display the desired devices.
You can use letters, numerals, a space, and the following special characters: ! @ # № $ % ^ & ( ) [ ] { } / \ : ; , . - _
. The job name must begin and end with any permitted character except space.
The job name must contain no more than 256 characters. The job description must contain no more than 4,096 characters.
You can use this method if the Endpoint Agent software component is installed on the devices selected for the job and integration between the EPP application and Kaspersky Industrial CyberSecurity for Networks is configured. This method is used for scanning using Endpoint Agent on each device.
Use this method if the devices selected for the job do not have the Endpoint Agent software component installed, but it is possible to connect to these devices via protocols that ensure secure management and data transfer. This method requires the following additional data:
You can select only one secret with one set of credentials for the job. The credentials stored in the selected secret must be valid on all devices selected for the job: connecting to these devices must be possible with the same credentials from the secret. Bear in mind that certain types of system data, such as passwords of operating system users, can be obtained only if requested by a user with a sufficiently high level of privileges. To get this data, you need to specify in the secret the credentials of a user with an appropriate level of privileges, such as a user with root access or a user listed in /etc/sudoers.
If a secret with the required credentials has not been added to the application, you can open a new tab in the browser without closing the Configuration Wizard window, connect to the Server and add the secret, and then use the button in the Configuration Wizard window to refresh the list of secrets.
The application run the job according to the schedule, provided that the previous start of this job has been completed. If by the time a scheduled job is started its previous launch has the Running status, the application skips the run of the scheduled job.
The maximum number of report recipients is 10.
The specified settings are displayed in the job details, on the Settings, Rules, and Devices tabs.
Page top