beautypg.com

Linux target systems, Scan reports cannot be viewed, A scan was submitted but never started – HP Insight Vulnerability and Patch Manager Software User Manual

Page 21: Patches, Patches fail to download with a timeout error

background image

Linux target systems

TCP/IP network protocol is enabled.

SSH is enabled and listening on the default port 22.

Vulnerability and Patch Manager includes PuTTY SSH client and uses the plink session command and
PSCP secure copy, as well as SFTP secure file transfer commands. Both protocols 1.5 and 2.0 are
supported if they are correctly installed and functioning on the target system. To determine which
protocol is running, telnet to port 22 on the target system, read the return banner, and then press Enter.

SSH-1.5—Only protocol 1.5 is supported.

SSH-1.9—Protocol 1.5 and 2.0 are supported. Protocol 1.5 is attempted first.

SSH-2.0—Only protocol 2.0 is supported, the newest and preferred session protocol.

Scan reports cannot be viewed

If scan reports cannot be viewed in .pdf format because Adobe Acrobat cannot be launched, perform the
following procedure:
1.

From Internet Explorer, select Tools

Internet Options.

2.

Click the Advanced tab, and then scroll to Security.

3.

Clear the Do not save encrypted pages to disk option, and then click OK.

4.

For more information, see

http://support.microsoft.com/

default.aspx?scid=kb;en-us;812935&Product=ie600

.

A scan was submitted but never started

All target systems scanned by Vulnerability and Patch Manager must have an IP address that appears in the
Systems Insight Manager console. If a scan is requested for a target system with no IP address, the scan
does not run and an internal error is generated. Be sure that all target systems being scanned have IP
addresses that appear in the Systems Insight Manager console.

Scan results are inaccurate because of overlapping tasks

Do not schedule patch acquisition tasks to run while vulnerability scans are running. Patch acquisition tasks
cause vulnerability scans to abort.

When scheduling vulnerability scans and patches, be sure the two processes do not overlap. Allow adequate
time for a vulnerability scan to complete before starting a patch. If a patch deployment runs during a
vulnerability scan, the scan results might be inaccurate or the target systems might reboot during the scan.

Current patch information is not displayed in scan reports

Scan definition updates are available a few days after the release of patches. You might have a patch in
your patch repository that does not appear in your scan results. You can apply the patch without a scan.
The VPM Patch Agent does not apply patches that are not appropriate. With the new patch reports, you
can also use the Validate VPM Patch Agent operation to determine where patches are needed. This operation
applies to patches only. The VPM Patch Agent does not report on non patch security vulnerabilities.

Patches

Patches fail to download with a timeout error

This error can occur when the internet connection speed is low. To work around this issue, do the following:
1.

Locate the settings.xml file under \Program Files\HP\Systems Insight
Manager\hpwebadmin\webapps\ROOT\mxportal\VPM\config\

folder.

2.

Locate the line .

3.

Increase the timeout value. The timeout value is set in milliseconds

4.

Restart Systems Insight Manager service and restart the acquire update task.

Patches

21