![[Contents]](FIGURE/CONTENT.GIF)
![[Glossary]](FIGURE/GLOSS.GIF)
![[Index]](FIGURE/INDEX.GIF)
![[Back]](FIGURE/FRONT.GIF)
![[Next]](FIGURE/AFTER.GIF)
Job Management Partner 1/Client Security Control Description, User's Guide and Operator's Guide
The client security control system provides samples of definition files.
The following table lists the types of sample files and their import destinations or associated command arguments.
Table A-4 Types of sample files and their import destinations or associated command arguments
No. Type of sample file File name Judgment item or registered data Import destination 1 Definition file for excluded security updates ExUpPgm_sample.csv Security updates Definition of Excluded Security Updates dialog box 2 Definition file for mandatory security updates NeedUpPgm_sample.csv Security updates Patch page of the Definition of Mandatory Security Updates dialog box 3 Definition file for mandatory service packs NeedUpSP_sample.csv Security updates Service Pack page of the Definition of Mandatory Security Updates dialog box 4 Anti-virus product definition file VirusMeasure_sample.csv Anti-virus products Edit Judgment Policy (Anti-virus Product) window 5 Prohibited software definition file UnjustSoft_sample.csv Prohibited software Edit Judgment Policy (Prohibited Software) window 6 Mandatory software definition file NeedSoft_sample.csv Mandatory software Edit Judgment Policy (Mandatory Software) window 7 User definition file UserDefJudge_sample.csv User definition Edit Judgment Policy (User Definition) window 8 Mail address definition file MailAddress_sample.csv Email address to be notified Settings for Email Address dialog box 9 Patch update condition file cscpatchcond_sample.txt Conditions for updating patch information The -f option of the judgment policy update command for security updates (cscpatchupdate) 10 Excluded user definition file cscm_excludeuser.conf_sample.txt User accounts to be excluded None
- Note
- Sample definition files must be customized based on the security objectives before they are imported.
The sample files are stored in the following location:
JP1/CSC - Manager-installation-folder\sample
- Organization of this subsection
- (1) Sample of a definition file for excluded security updates
- (2) Sample of a definition file for mandatory security updates
- (3) Sample of a definition file for mandatory service packs
- (4) Sample of an anti-virus product definition file
- (5) Sample of a prohibited software definition file
- (6) Sample of a mandatory software definition file
- (7) Sample of a user definition file
- (8) Sample of a mail address definition file
- (9) Sample of a patch update condition file
- (10) Sample of an excluded user definition file
(1) Sample of a definition file for excluded security updates
The following shows a sample of a definition file for excluded security updates:
- Legend:
- (a): Example when the update number MS01-001 is set
- (b): Example when the update number MS02-002 is set
- The sample contains the following settings.
No. Item Set value for (a) Set value for (b) 1 Parameter ID ExpUpProgram 2 Update number MS01-001 MS02-002 3 Article ID number KB111111 KB222222 For details about the definition file for excluded security updates, see 16.2.3 Definition file of excluded security updates.
(2) Sample of a definition file for mandatory security updates
The following shows a sample of a definition file for mandatory security updates.
- Legend:
- (a): Example when OS for mandatory security updates is set to All OSs
- (b): Example when OS for mandatory security updates is not set to All OSs
- (c): Example when Product name for mandatory security updates is set to Microsoft Internet Explorer
- (d): Example when Product name for mandatory security updates is set to any other product
- The sample contains the following settings.
No. Item Set value for (a) Set value for (b) Set value for (c) Set value for (d) 1 Parameter ID NeedUpProgram 2 Update number MS01-001 MS02-002 MS03-003 MS04-004 3 Article ID number KB111111 KB222222 KB333333 KB444444 4 OS for mandatory security updates All OSs Windows Server 2003 (32bit) Windows Server 2003, Enterprise Edition Windows Server 2003, Enterprise Edition 5 OS service pack for mandatory security updates No specification Service Pack 1 Service Pack 1 Service Pack 1 6 Product name for mandatory security updates No specification No specification Microsoft Internet Explorer Other products 7 Product version for mandatory security updates No specification No specification 6.0 1.0.0 8 Product service pack for mandatory security updates No specification No specification Service Pack 1 No specification 9 Security level Caution Warning Danger Danger 10 Product name for mandatory security updates (Not applicable) (Not applicable) (Not applicable) SoftwareA 11 Comparison condition (Not applicable) (Not applicable) (Not applicable) Match all the words For details about the definition file for mandatory security updates, see 16.2.4 Definition file for mandatory security updates.
(3) Sample of a definition file for mandatory service packs
The following shows a sample of a definition file for mandatory service packs.
- Legend:
- (a): Example when an OS service pack is defined
- (b): Example when a product service pack is defined
- The sample contains the following settings.
- (a): Example when an OS service pack is defined
No. Item Value set for (a) 1 Parameter ID NeedUpServicePackOS 2 OS Windows Server 2003 3 OS service pack Service Pack 1 4 OS service pack condition Include only service packs that match OS service pack. 5 Security level Warning - (b): Example when a product service pack is defined
No. Item Value set for (b) 1 Parameter ID NeedUpServicePackProduct 2 Product name Microsoft Internet Explorer 3 Product version 6.0 4 Product service pack Service Pack 1 5 Product service pack condition Include all service packs other than Product service pack. 6 OS All OSs 7 OS service pack No specification 8 Security level Warning For details about the definition file for mandatory service packs, see 16.2.5 Definition file for mandatory service packs.
(4) Sample of an anti-virus product definition file
The following shows a sample of an anti-virus product definition file.
- Legend:
- (a): Example when only whether the anti-virus product has been installed is judged
- (b): Example when all items are judged
- The sample contains the following settings.
No. Item Value set for (a) Value set for (b) 1 Parameter ID VirusProduct 2 Anti-virus product name Virus Software1 Virus Software2 3 Product version No specification 9.0.3.1000 4 Engine version No specification 61.2.1.10 5 Virus definition file version No specification 20060918.018 6 Determine that PCs with no resident anti-virus products are at risk Do not judge residency. Judge residency. 7 Security level Danger Danger For details about the anti-virus product definition file, see 16.2.6 Anti-virus products definition file.
(5) Sample of a prohibited software definition file
The following shows a sample of a prohibited software definition file.
- Legend:
- (a): Example when a comparison condition is omitted
- (b): Example when a comparison condition is set
- The sample contains the following settings.
No. Item Value set for (a) Value set for (b) 1 Parameter ID UnjustSoftware 2 Software name Software SoftwareA 3 Version No specification 2.0.0 4 OS All OSs All OSs 5 Security level Caution Danger 6 Comparison condition Match part of the words# Match all the words
- #
- Match part of the words is assumed because no comparison condition has been specified.
For details about the prohibited software definition file, see 16.2.7 Prohibited software definition file.
(6) Sample of a mandatory software definition file
The following shows a sample of a mandatory software definition file.
- Legend:
- (a): Example when one software product is set in one group
- (b): Example when multiple software products are set in one group
- The sample contains the following settings.
No. Item Value set for (a) Value set for (b) 1 Parameter ID NeedSoftware 2 Software name SoftwareA SoftwareA SoftwareB 3 Version No specification 0670 0700 4 OS All OSs All OSs 5 Security level Caution Caution 6 Group name SoftwareA Software For details about the mandatory software definition file, see 16.2.8 Mandatory software definition file.
(7) Sample of a user definition file
The following shows a sample of a user definition file.
The sample contains the following settings.
No. Item Set value 1 Parameter ID UserDefJudge 2 Judgment item name Power-saving CPU 3 Class Hardware information Hardware information 4 Property CPU CPU 5 Comparison condition Do not match. Do not match. 6 Comparison value 28694 28695 7 Treatment when value is not set for property Treat the security level as unknown. Treat the security level as unknown. 8 Security level Caution For details about the user definition file, see 16.2.9 User definition file.
(8) Sample of a mail address definition file
The following shows a sample of a mail address definition file.
The sample contains the following settings.
No. Item Set value 1 Email address manager-a@company.jp
manager-b@company.jpFor details about the mail address definition file, see 16.3 Mail address definition file.
(9) Sample of a patch update condition file
The following shows a sample of a patch update condition file.
The sample contains the following settings.
No. Item Set value 1 Release date (start) 2007/03/01 2 Release date (end) None specified# 3 Release period 0 4 Product type All (OS and software products) 5 Class All 6 Target OS All 7 Severity rating All 8 Update condition Only patches added since last execution 9 Processing dependent on patch information file version. Do not process the file. 10 Update delay time 0 11 Security level setting (critical) Danger 12 Security level setting (important) Danger 13 Security level setting (moderate) Warning 14 Security level setting (low) Caution 15 Security level setting (unspecified) Caution
- #
- Lines beginning with a hash symbol (#) are treated as comments.
For details about the patch update condition file, see 16.11 Patch update condition file.
(10) Sample of an excluded user definition file
The following shows a sample of an excluded user definition file.
The sample contains the following settings.
No. Item Set value 1 User account name user1
user2For details about the excluded user definition file, see 16.19 Excluded user definition file.
All Rights Reserved. Copyright (C) 2009, 2011, Hitachi, Ltd.
Copyright, patent, trademark, and other intellectual property rights related to the "TMEng.dll" file are owned exclusively by Trend Micro Incorporated
![[Figure]](FIGURE/ZUAPA100.GIF)
![[Figure]](FIGURE/ZUAPA200.GIF)
![[Figure]](FIGURE/ZUAPA300.GIF)
![[Figure]](FIGURE/ZUAPA400.GIF)
![[Figure]](FIGURE/ZUAPA500.GIF)
![[Figure]](FIGURE/ZUAPA600.GIF)
![[Figure]](FIGURE/ZUAPA700.GIF)
![[Figure]](FIGURE/ZUAPA800.GIF)
![[Figure]](FIGURE/ZUAPA900.GIF)
![[Figure]](FIGURE/ZUAPA950.GIF)