Job Management Partner 1/Client Security Control
Description, User's Guide and Operator's Guide
3020-3-S71-30(E)
Contents
- Notices
- Summary of amendments
- Preface
- Part 1: Overview
- 1. Overview
- 1.1 Client security control system overview
- 1.2 Client security control system features
- 1.2.1 Integrated management of information about IT assets
- 1.2.2 Judgment of client security levels
- 1.2.3 Implementation of actions appropriate to security level
- 1.2.4 Security audit of clients
- 1.2.5 Viewing trends in security measures
- 1.2.6 Automatic update of security policies relating to security updates
- 1.2.7 Automatic update of security policies relating to anti-virus products
- 1.2.8 Building and running a quarantine system by linking with a network control product
- 1.2.9 Linkage with JP1/IM
- 1.3 Typical uses of a client security control system
- 1.3.1 Send warning messages to clients with inadequate security
- 1.3.2 Denying network connections to clients with inadequate security
- 1.3.3 Distributing the latest security update programs and definition files to clients with inadequate security
- 1.3.4 Creating a list of clients with inadequate security
- 1.3.5 Viewing a history of judgments and actions for a specific client
- 1.3.6 Outputting PC list information to a file
- 1.3.7 Implementing actions after all security level judgments have been made
- 1.3.8 Gauge trends in security countermeasure statuses
- 1.3.9 Gauge trends in countermeasure usage for user-defined judgment items
- 1.4 Work flow from installation to starting operation
- Part 2: Functionality
- 2. Client Security Control System Functionality
- 2.1 Overview of functionality
- 2.2 Managing inventory information
- 2.3 Managing security policies
- 2.4 Judging security levels
- 2.5 Implementing actions
- 2.5.1 Implementing an action as a result of security level judgment
- 2.5.2 Implementing an action as a result of administrator instructions
- 2.6 Managing client security levels
- 3. Client Security Control System Configuration
- 3.1 System configuration
- 3.2 Product configuration
- 3.3 Prerequisite programs
- Part 3: System Design and Setup
- 4. Considerations for Installing and Operating a Client Security Control System
- 4.1 Design considerations and system configuration
- 4.1.1 Items to consider for system installation
- 4.1.2 Designing a system configuration
- 4.1.3 Operating on a cluster system
- 4.2 Setting up a management server
- 4.2.1 Procedures for program setup
- 4.2.2 Setting up a database
- 4.2.3 Setting up a management terminal
- 4.3 Setting up a remote management server
- 4.3.1 Anti-virus products
- 4.4 Setting up a client
- 4.4.1 Functionality limitations by the version of JP1/Software Distribution Client
- 4.4.2 MBSA or WUA
- 4.4.3 Anti-virus products
- 4.5 Setting up a quarantine system
- 4.6 Installing anti-virus products that link with automatic judgment policy updating
- 4.7 Considerations for security policies
- 4.7.1 Guides for security level judgment standards
- 4.7.2 Considerations for judgment policies
- 4.7.3 Considerations for action policies
- 4.7.4 Considerations for assigning security policies to clients
- 4.8 Lifecycle of a client security control system
- 5. Installation and Setup
- 5.1 Procedures for installation and setup
- 5.2 Installing and setting up JP1/Software Distribution Manager
- 5.2.1 Installing JP1/Software Distribution Manager
- 5.2.2 Setting up JP1/Software Distribution Manager
- 5.3 Installing and setting up Asset Information Manager (optional)
- 5.3.1 Installing Asset Information Manager
- 5.3.2 Setting up Asset Information Manager
- 5.4 Installing and setting up JP1/CSC - Manager
- 5.4.1 Installing JP1/CSC - Manager
- 5.4.2 Uninstalling JP1/CSC - Manager
- 5.4.3 Setting up JP1/CSC - Manager
- 5.4.4 Setting up JP1/CSC - Manager and the remote service to start automatically
- 5.5 Installing and setting up JP1/CSC - Manager Remote Option
- 5.5.1 Installing JP1/CSC - Manager Remote Option
- 5.5.2 Uninstalling JP1/CSC - Manager Remote Option
- 5.5.3 Setting up JP1/CSC - Manager Remote Option
- 5.5.4 Setting up the virus definition information monitoring service to start automatically
- 5.6 Installing and setting up JP1/Software Distribution Client
- 5.7 Installing and setting up JP1/CSC - Agent
- 5.7.1 Installing JP1/CSC - Agent
- 5.7.2 Uninstalling JP1/CSC - Agent
- 5.7.3 Setting up JP1/CSC - Agent
- 5.7.4 Setting up JP1/CSC - Agent to start automatically
- 5.8 Creating CSC administrators and CSC users
- 5.8.1 Setting up CSC administrators during installation
- 5.8.2 Creating a CSC user
- 5.8.3 Preventing update processing for detailed device information
- 5.9 Procedures for setting a task in Scheduled Tasks
- 6. Managing Security Policies
- 6.1 Procedures and window transitions for policy settings
- 6.2 Managing judgment policies
- 6.2.1 Creating a judgment policy
- 6.2.2 Editing a judgment policy
- 6.2.3 Deleting a judgment policy
- 6.2.4 Renaming a judgment policy
- 6.2.5 Copying a judgment policy
- 6.3 Editing a security update judgment policy
- 6.3.1 Performing judgment by the latest security updates
- 6.3.2 Performing judgment by a specified security update
- 6.3.3 Automatically updating judgment policies for security updates
- 6.4 Editing an anti-virus product judgment policy
- 6.4.1 Adding anti-virus product information
- 6.4.2 Changing anti-virus product information
- 6.4.3 Deleting anti-virus product information
- 6.4.4 Importing anti-virus product information
- 6.4.5 Exporting anti-virus product information
- 6.4.6 Updating judgment policies for anti-virus products automatically or manually
- 6.5 Editing a prohibited software judgment policy
- 6.5.1 Adding prohibited software information
- 6.5.2 Changing prohibited software information
- 6.5.3 Deleting prohibited software information
- 6.5.4 Importing prohibited software information
- 6.5.5 Exporting prohibited software information
- 6.6 Editing a mandatory software judgment policy
- 6.6.1 Adding mandatory software information
- 6.6.2 Changing mandatory software information
- 6.6.3 Deleting mandatory software information
- 6.6.4 Importing mandatory software information
- 6.6.5 Exporting mandatory software information
- 6.7 Editing a PC security setting judgment policy
- 6.7.1 Defining account settings
- 6.7.2 Defining password settings
- 6.7.3 Defining logon settings
- 6.7.4 Defining share settings
- 6.7.5 Defining anonymous connection settings
- 6.7.6 Defining service settings
- 6.7.7 Defining firewall settings
- 6.7.8 Defining automatic update settings
- 6.7.9 Defining screensaver settings
- 6.7.10 Defining drive encryption
- 6.8 Editing a user-defined judgment policy
- 6.8.1 Adding a judgment item to a user definition
- 6.8.2 Changing a judgment item in a user definition
- 6.8.3 Deleting a judgment item in a user definition
- 6.8.4 Importing user-defined judgment items
- 6.8.5 Exporting user-defined judgment items
- 6.9 Managing action policies
- 6.9.1 Creating an action policy
- 6.9.2 Editing an action policy
- 6.9.3 Deleting an action policy
- 6.9.4 Renaming an action policy
- 6.9.5 Copying an action policy
- 6.10 Setting an action for each security level
- 6.10.1 Setting an action for a security level in the Edit Action Policy window
- 6.10.2 Command execution for user-defined actions
- 6.11 Editing an administrator notification email
- 6.11.1 Editing email in the Edit Action Policy (Customize Email) window
- 6.11.2 Email sender address and transmission unit
- 6.12 Editing a client user notification message
- 6.12.1 Editing messages in the Edit Action Policy (Customize Message) window
- 6.12.2 Checking the execution results of message notification jobs
- 6.13 Assigning security policies to clients
- 6.14 Displaying clients that meet specified conditions
- Part 4: System Operation
- 7. Managing Inventory Information
- 7.1 Managing inventory information
- 7.1.1 Inventory information used on a client security control system
- 7.1.2 Detecting non-Software Distribution clients
- 7.1.3 Automatically collecting inventory information
- 7.1.4 Detecting unapplied security updates
- 7.2 Detecting non-Software Distribution clients
- 7.2.1 Using the JP1/Software Distribution host search to detect non-Software Distribution clients
- 7.2.2 Excluding non-Windows machines from detection
- 7.3 Automatically obtaining client inventory information
- 7.3.1 Setup methods
- 7.3.2 Notification timing for inventory information
- 7.3.3 Precautions
- 7.4 Detecting security updates not applied to a client
- 8. Monitoring Clients
- 8.1 Transitions of windows used for client monitoring
- 8.2 Searching for clients
- 8.3 Checking detailed information for a client
- 8.3.1 Checking detailed information for a security update
- 8.3.2 Checking detailed information for an anti-virus product
- 8.3.3 Checking detailed information for prohibited software
- 8.3.4 Checking detailed information for mandatory software
- 8.3.5 Checking detailed information for PC security settings
- 8.3.6 Checking detailed information for a user definition
- 8.3.7 Checking device details for a client
- 8.3.8 Checking history of judgments and actions for a client
- 8.4 Judging a client security level
- 8.5 Enabling and disabling security management for a client
- 8.5.1 Disabling security management
- 8.5.2 Enabling security management
- 8.6 Outputting history of judgments and actions as a CSV file
- 9. Dealing with Security Risks
- 9.1 Action implementation methods and action types
- 9.1.1 Action implementation methods
- 9.1.2 Action types
- 9.2 Sending messages to client users
- 9.2.1 Message notification by action policy
- 9.2.2 Message notification by administrator
- 9.2.3 Example of a notification message to a client user
- 9.3 Controlling client network connections
- 9.3.1 Network connection control by action policy
- 9.3.2 Network connection control by administrator
- 9.4 Sending email to administrators
- 9.5 Executing user-defined actions
- 10. Auditing Security
- 10.1 Transitions of windows used for auditing security
- 10.2 Outputting search results of clients to a file
- 10.2.1 Outputting search results as a CSV
- 10.3 Evaluating the status of security measures on clients
- 10.3.1 Searching for the evaluation results of the status of security measures
- 10.3.2 Outputting results of estimation to a CSV file
- 10.4 Gauging trends in security measure evaluation
- 10.4.1 Storing statistics
- 10.4.2 Searching statistics
- 10.4.3 Outputting statistics to a CSV file
- 10.4.4 Displaying statistics as a graph
- 11. Linking to JP1/IM
- 11.1 Linking to JP1/IM
- 11.1.1 Example system configuration
- 11.1.2 Setting up JP1/IM linkage
- 11.1.3 Displaying JP1/IM integrated console windows
- Part 5: Quarantine Systems
- 12. Overview of Quarantine Systems
- 12.1 About quarantine systems
- 12.1.1 Network control products that can link to JP1/CSC
- 12.1.2 Quarantine system overview by linked product
- 12.2 Quarantine system linked to JP1/NM
- 12.2.1 Basic configuration of quarantine system linked to JP1/NM
- 12.2.2 Required products and prerequisite OSs
- 12.3 Quarantine system linked to an authentication server
- 12.3.1 Configuration of a quarantine system linked to an authentication server
- 12.3.2 Required products and prerequisite OSs
- 12.4 Quarantine system linked to JP1/Software Distribution (AMT Linkage facility)
- 12.4.1 Basic configuration of quarantine system linked to JP1/Software Distribution (AMT Linkage facility)
- 12.4.2 Required products and prerequisite OS
- 13. Setting Up a Quarantine System
- 13.1 Setting up a quarantine system linked to JP1/NM
- 13.1.1 Flow of system setup
- 13.1.2 Setting up a network control server
- 13.1.3 Setting up a treatment or monitoring server
- 13.1.4 Setting up a client
- 13.1.5 Setting up the environment for operation
- 13.2 Setting up a quarantine system linked to an authentication server
- 13.2.1 Flow of system setup
- 13.2.2 Setting up an authentication server
- 13.2.3 Setting up the network control device (dynamic VLAN environment)
- 13.2.4 Setting up the network control device (static VLAN environment)
- 13.2.5 Setting up a treatment server
- 13.2.6 Setting up a client
- 13.2.7 Setting up the environment before operation can be started
- 13.3 Setting up a quarantine system linked to JP1/Software Distribution (AMT Linkage facility)
- 13.3.1 Flow of system setup
- 13.3.2 Setting up a management and network control server
- 13.3.3 Setting up a treatment server
- 13.3.4 Setting up the environment for operation
- 14. Operating a Quarantine System
- 14.1 Operating a quarantine system linked to JP1/NM
- 14.1.1 Example of quarantine system operation using the JP1/NM quarantine support facility
- 14.1.2 Operation without the JP1/NM quarantine support facility
- 14.1.3 Tasks during operation of a quarantine system linked to JP1/NM
- 14.1.4 Implementing client security measures
- 14.1.5 Adding new clients to the network
- 14.1.6 Registering permitted PCs
- 14.1.7 Removing a client after operation has started
- 14.2 Operating a quarantine system linked to an authentication server
- 14.2.1 Example of operating a quarantine system linked to an authentication server in a dynamic VLAN environment (IEEE 802.1X authentication)
- 14.2.2 Example of operating a quarantine system linked to an authentication server in a static VLAN environment (MAC authentication)
- 14.2.3 Tasks during operation of a quarantine system linked to an authentication server
- 14.2.4 Managing the connection control list
- 14.2.5 Implementing security measures on a client
- 14.2.6 Adding a new client to the network
- 14.2.7 Removing clients after operation has started
- 14.2.8 Managing network connection histories for clients
- 14.3 Operating a quarantine system linked to JP1/Software Distribution (AMT Linkage facility)
- 14.3.1 Example of quarantine system operation linked to JP1/Software Distribution (AMT Linkage facility)
- 14.3.2 Tasks during operation of a quarantine system linked to JP1/Software Distribution (AMT Linkage facility)
- 14.3.3 Implementing client security measures
- 14.3.4 Adding new clients to the network
- 14.3.5 Removing a client after operation has started
- Part 6: Reference
- 15. Commands
- List of commands
- Command details
- cscaction (implements actions for a specified client)
- cscassign (assigns security policies to clients)
- cscexportcount (outputs statistics on the status of security measures)
- cscexportpclist (outputs PC list information)
- cscjudge (judges security levels)
- cscnetctrl (controls network connections)
- cscnwmaintenance (maintains a list of permitted devices)
- cscpatchupdate (updates patch information for judgment policies relating to security updates)
- cscpolexport (exports judgment policies)
- cscpolimport (updates judgment policy settings)
- cscrdelete (deletes information about a specified client from the connection control list)
- cscrexport (exports a connection control list)
- cscrimport (imports a connection control list)
- cscsetup (sets up JP1/CSC - Manager)
- cscstorecount (stores statistics about the status of security measures)
- Command used in a user-defined action
- 16. Definition Files
- 16.1 List of definition files
- 16.2 Judgment policy definition files
- 16.2.1 Import destination of judgment policy definition files
- 16.2.2 List of setting values
- 16.2.3 Definition file of excluded security updates
- 16.2.4 Definition file for mandatory security updates
- 16.2.5 Definition file for mandatory service packs
- 16.2.6 Anti-virus products definition file
- 16.2.7 Prohibited software definition file
- 16.2.8 Mandatory software definition file
- 16.2.9 User definition file
- 16.3 Mail address definition file
- 16.4 Product name definition file
- 16.5 Asset number file
- 16.6 Search condition file
- 16.7 Policy assignment definition file
- 16.8 Asset information file
- 16.9 Judgment result file for security level
- 16.9.1 Judgment result (summary) file
- 16.9.2 Judgment result (security updates) file
- 16.9.3 Judgment result (anti-virus product) file
- 16.9.4 Judgment result (prohibited software) file
- 16.9.5 Judgment result (mandatory software) file
- 16.9.6 Judgment result (user definition) file
- 16.9.7 Judgment result (PC security settings) file
- 16.10 PC list information file
- 16.10.1 Asset information list file
- 16.10.2 Judgment result file (security updates)
- 16.10.3 Judgment result file (anti-virus products)
- 16.10.4 Judgment result file (prohibited software)
- 16.10.5 Judgment result file (mandatory software)
- 16.10.6 Judgment result file (user definition)
- 16.10.7 Judgment result file (PC security settings)
- 16.11 Patch update condition file
- 16.12 Statistics output file
- 16.12.1 Evaluation point file
- 16.12.2 Countermeasure usage file
- 16.12.3 Countermeasure usage details file
- 16.12.4 Countermeasure usage file for user-defined judgment items
- 16.13 Anti-virus product policy import file
- 16.14 Policy import execution file (manual)
- 16.15 Network connection control list file
- 16.16 Import file
- 16.17 MAC address list file
- 16.18 Judgment policy information file
- 16.19 Excluded user definition file
- 16.20 Definition file of MAC addresses not subject to deletion
- 17. Messages
- 17.1 Format of messages
- 17.1.1 Format of output messages
- 17.1.2 Format of message explanations
- 17.2 List of output destinations of messages
- 17.2.1 Output destinations of JP1/CSC - Manager messages
- 17.2.2 Output destinations of JP1/CSC - Manager Remote Option messages
- 17.2.3 Output destinations of JP1/CSC - Agent messages
- 17.3 List of JP1/CSC messages
- 17.3.1 List of JP1/CSC - Manager messages
- 17.3.2 List of JP1/CSC - Manager Remote Option messages
- 17.3.3 List of JP1/CSC - Agent messages
- 17.4 List of messages in the Client Security Management window
- 17.4.1 Action messages in the PC List window
- 17.4.2 Error messages in the PC Security Level Details window
- 17.4.3 Messages in the Register Permitted PCs window
- 17.4.4 Error message in the Evaluation Result List window
- 17.4.5 Error message in the Statistics List window
- 17.4.6 Error message in the Statistics Graph Display window
- 17.4.7 Error message in the Statistics Details window
- 17.4.8 Error message in the Statistics Details Graph Display window
- 18. Troubleshooting
- 18.1 Troubleshooting procedure
- 18.2 Data that must be collected if a problem occurs
- 18.2.1 Data for resolving problems in JP1/CSC - Manager
- 18.2.2 Data for resolving problems in JP1/CSC - Manager Remote Option
- 18.2.3 Data for resolving problems in JP1/CSC - Agent
- 18.2.4 Data for resolving problems in JP1/Software Distribution and AIM
- 18.3 Common problems and their solutions
- 18.4 Backup and restoration
- Appendixes
- A. List of Files
- A.1 List of files for JP1/CSC - Manager
- A.2 List of files for JP1/CSC - Manager Remote Option
- A.3 List of files for JP1/CSC - Agent
- A.4 List of sample definition files
- B. List of Port Numbers
- B.1 Port numbers
- B.2 Direction in which data passes through the firewall
- C. List of Processes
- D. Operation on a Cluster System
- D.1 Cluster system overview
- D.2 Prerequisites and supported operations
- D.3 Installing and setting up JP1/CSC - Manager
- D.4 Performing an overwrite installation of JP1/CSC - Manager
- D.5 Uninstalling JP1/CSC - Manager
- D.6 Installing and setting up JP1/CSC - Agent
- D.7 Performing an overwrite installation of JP1/CSC - Agent
- D.8 Uninstalling JP1/CSC - Agent
- D.9 Operation during failover
- E. Estimating Required Disk Capacity
- E.1 Disk capacity used by JP1/CSC - Manager
- E.2 Disk capacity used by JP1/CSC - Manager Remote Option
- E.3 Disk capacity used by JP1/CSC - Agent
- F. Audit Log Output
- F.1 Event types output to the audit log
- F.2 Audit log save format
- F.3 Audit log output format
- F.4 Configuration for outputting audit logs
- G. Version Changes
- H. Glossary
- Index
All Rights Reserved. Copyright (C) 2009, 2011, Hitachi, Ltd.
Copyright, patent, trademark, and other intellectual property rights related to the "TMEng.dll" file are owned exclusively by Trend Micro Incorporated.