9.1 Checking the security status
By default, managed computers have the default policy applied. Immediately after JP1/IT Desktop Management 2 is used to specify computers that should be managed, the administrator can view the security status evaluated by the default policy, regardless of whether the administrator has set the security policy settings.
- Tip
-
Immediately after operation starts, it is recommended that you check the security status evaluated based on the default policy and then address any issues. This will maintain a basic level of security. After that, you should set security policies that satisfy your organization's security requirements for security management.
- Important
-
In the case of agents for UNIX, security statuses are not determined based on security policies. Therefore, perform security management independently according to the security policy of your organization.
You can check the security status from the Home module panels, the Security module, reports, and the Events module.
Checking the security status in the Home module panels
The number of computers that are not safe is displayed in At Risk Devices in the System Summary panel of the Home module. If you click the number, you will see the Computer Security Status view of the Security module, and then you can check the security status of each computer.
The Category Security Assessment panel lets you review a comprehensive security assessment of the computers and shows you the security areas that need to be addressed.
![[Figure]](GRAPHICS/Z030023J.GIF)
Checking the security status in the Security module
In the Security module, you can check the security status in the Overview view, the Security Policy view, and the Computer Security Status view.
- Checking the status in the Overview view
-
You can view the summary of the security status. Clicking the links in the panels displays detailed information, which helps you investigate specific issues.
![[Figure]](GRAPHICS/ZU030019.GIF)
- Checking the status in the Security Policy view
-
You can see the rate of conformance to each of the security policies and the number of computers where security settings are inappropriate.
The security policies might not be adhered to if 0 is not displayed for
![[Figure]](GRAPHICS/ZU990047.GIF)
(danger), ![[Figure]](GRAPHICS/ZU990048.GIF)
(warning), and ![[Figure]](GRAPHICS/ZU990049.GIF)
(caution).
Click the number of computers to display the Computer Security Status view and check the security status of the computers.
You can use this view to automate the implementation of measures on computers where security policies are applied.
The rate of conformance and number of applied computers are calculated based on the number of computers whose security status has been judged. The rate of conformance is the percentage of the number of computers that comply with the security policies out of the total number of computers whose security status has been judged against the applicable security policies. Applied computers are represented by the number of computers whose security status has been judged against the applicable security policies. However, the rate of conformance and number of applied computers are not calculated in the following situations:
-
When all of the judgment items specified in the security policies are addressed to devices that are out of the range of judgment
-
When either or both Prohibited operation and Operation log in the security policies are set to Enabled, and all the other security configuration items are set to Disabled
![[Figure]](GRAPHICS/ZU030020.GIF)
-
- Checking status in the Computer Security Status view
-
You can check the security status of each computer.
You can see a list of the violation levels of all computers, or you can see the violation levels grouped by category. You can directly check the security setting status. You can use this view to automate the implementation of measures of computers where security policies are applied.
The security policies might not be adhered to if the violation level is displayed as
(danger), (warning), or (caution). Review the security status for each security item, and then address any security issues.
![[Figure]](GRAPHICS/ZU030021.GIF)
Checking the status in a report
You can check the security status in Summary Reports, Security Diagnosis Reports, and Security Detail Reports.
Summary Reports lets you review security assessment reports. Security Diagnosis Reports lets you review the comprehensive security status, such as overall security assessment results and the current status. Security Detail Reports displays the details of violation levels and the percentage of each violation level for each security category.
![[Figure]](GRAPHICS/ZU990039.GIF)
Checking the status in the Events module
You can check security events in the Events module. You can also check minor events that do not violate security policies.
![[Figure]](GRAPHICS/ZU100018.GIF)