Deploying patches, Reviewing vulnerability and patch manager events, Scan events – HP Insight Vulnerability and Patch Manager Software User Manual

Description

Scan definition

Windows Vista® vulnerabilities

Vista

* This scan definition is not included with the current version of Vulnerability and Patch Manager and only exists if previous versions
of the software have been installed.

For more information on vulnerability scanning, see the Vulnerability and Patch Manager online help.

•

To perform a vulnerability scan, select Diagnose

→Vulnerability and Patch Manager→Scan→Scan

for Vulnerabilities

.

•

To customize vulnerability scan definitions, select Diagnose

→Vulnerability and Patch

Manager

→Customize Scan..

•

Deleting a customized vulnerability scan, select Diagnose

→Vulnerability and Patch

Manager

→Customize Scan., select the scan, and then click Delete.

•

To view vulnerability scan results, select Diagnose

→Vulnerability and Patch Manager→Scan→View

Results by Scan Name

or select Diagnose

→Vulnerability and Patch Manager→Scan→View

Results by System

.

•

To delete vulnerability scan results, select Diagnose

→Vulnerability and Patch Manager→Scan→View

Results by Scan Name

or select Diagnose

→Vulnerability and Patch Manager→Scan→View

Results by System

, select the targets, and then click Delete.

Deploying patches

You can deploy patches immediately or schedule deployment for a later time. You can select patches
individually from the database for deployment to all systems or any combination of specified systems without
performing a scan, or deploy patches for all vulnerabilities identified in a particular scan. Patches come
from the software vendor and update existing software, registry, or configuration settings or files.

Information about patches:

•

If required by the installed or remvoed patch, target systems are rebooted based on the reboot
information obtained from the original patch source. Reboot information might occasionally inaccurately
indicate whether a patch installation requires a reboot.

•

If multiple patches requiring reboots are applied, target systems are only rebooted one time after all
patches are applied. Required reboots are deferred and performed later. HP recommends performing
required reboots as soon as possible because the status of patched systems might be unstable when a
required reboot is deferred.

•

To determine patch applicability, the Vulnerability and Patch Manager might enhance patch detection
criteria to be more precise than vendor information. These patches are displayed with an asterisk in
the Patch Source column. HP in no way modifies the patch itself.

•

Risk and Vulnerability ID information might not display because this information was not available at
the time the patch was acquired. The information will display when the vulnerability database is updated
to include this information.

•

By default, patches are sorted by the latest release date. Select a column heading to re-sort patches.

•

Target systems that are down at the time of a scheduled patch application are patched when the system
is brought online.

For more information on deploying patches, see the Vulnerability and Patch Manager online help.

Reviewing Vulnerability and Patch Manager events

Vulnerability and Patch Manager creates events in Systems Insight Manager. These events can be viewed
with all Systems Insight Manager events in the Events list or independently in the VPM Events list.

Scan events

The following table lists the events created by the Vulnerability and Patch Manager scanning components.

12

Using Vulnerability and Patch Manager