BES Administrator's Guide


Trend Micro® Endpoint Security Platform Console
Administrator’s Guide
Version 8.0
August 2010
Trend Micro Endpoint Security Platform Suite

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files, release notes, and the latest version of the applicable user documentation.

Trend Micro, the Trend Micro t-ball logo, OfficeScan, Damage Cleanup Services, ScanMail, and TrendLabs are service marks, trademarks or registered trademarks of Trend Micro, Incorporated. BigFix®, Fixlet® and “Fix it before it fails”® are registered trademarks of Trend Micro, Inc. iprevention, Powered by BigFix, Relevance Engine, and related BigFix logos are trademarks of Trend Micro, Inc. All other product or company names may be trademarks or registered trademarks of their respective owners.

Protected by U.S. Patent No. 5,623,600; 5,889,943; 5,951,698; 6.119,165

Copyright © 2010 Trend Micro Incorporated. All rights reserved.

Document Part No.: APEM84654/100908
Release Date: September 2010

Feedback

Trend Micro always seeks to improve its documentation. If you have questions, comments, or suggestions about this or any Trend Micro document, please contact us at [email protected]. Please evaluate this documentation on the following site: http://www.trendmicro.com/download/documentation/rating.asp

IMPORTANT NOTICE AND LIMITATION

Your use of the Trend Micro Endpoint Security Platform is limited to supporting the Trend Micro Core Protection Module and other BigFix Products purchased from Trend Micro only as expressly described in and permitted by this user guide.

You are only authorized and licensed to use the software distribution capabilities of the Trend Micro Endpoint Security Platform to distribute the Trend Micro Core Protection Module and other BigFix Products purchased from Trend Micro, but you are not authorized or licensed to use the Trend Micro Endpoint Security Platform to distribute any other Trend Micro, BigFix, or any third party software.

You are authorized and licensed to use the Trend Micro Endpoint Security Platform only to customize the Fixlets that are provided with the Trend Micro Core Protection Module and other BigFix Products purchased from Trend Micro, but you are not authorized to create completely new Fixlets unrelated to such software purchased from Trend Micro. However, you may at any time purchase an upgrade from Trend Micro which permits you to use the full and complete software distribution capabilities of the Trend Micro Endpoint Security Platform with any software application (any Trend Micro, BigFix, or third party software) and to create new Fixlets that are unrelated to the software purchased from Trend Micro.

Contents

Part One: Introduction

  • Audience
  • Versions
  • Overview of the ESP System
  • Using this Guide
  • ESP Operating Requirements
  • ESP Server Requirements
  • ESP Console Requirements
  • ESP Agent Requirements
  • Database Requirements
  • Security Requirements
  • The ESP system authenticates all Fixlet messages and actions using secure public-key infrastructure (PKI) signatures. PKI uses public/private key pairs to ensure authenticity.
  • A Basic Installation
  • ESP Message Level Encryption (MLE) Overview
  • A Typical Installation
  • A Multiple Server Installation
  • Understanding Replication
  • Distributed Server Architecture (DSA)
  • Automating Failover and Failback
  • Administrative Roles
  • Duties of the ESP Site Administrator

Part Two: Getting Started

  • Getting Authorized
  • Creating the Action Site Masthead
  • Installing the Programs
  • Running the Component Installers
  • Installing the Primary ESP Server
  • Authenticating Additional Servers (DSA)
  • Installing Additional Servers (DSA)
  • Connecting the ESP Console to a Different Server
  • Running the ESP Diagnostics Tool
  • Understanding the ESP Server Components
  • Installing the ESP Console
  • Installing the ESP Agents
  • Running the ESP Administration Tool
  • Understanding Operator Rights
  • Site Administrators
  • Master Operators
  • Operators
  • Operators and Analyses
  • Adding ESP Console Operators

Part Three: Configuring the ESP Components

  • Using ESP Relays
  • Optimizing the ESP Server(s)
  • Managing Replication (DSA)
  • Managing Bandwidth
  • Dynamic Throttling
  • Creating Agent Dashboards