Machines

Software Management > Management > Machines

The Machines page manages the assignment of Software Management profiles on selected machines. The Machines page can also execute a manual scan of machines, suspend and resume Software Management tasks, and remove profile assignments.

Upper Panel Actions

• Assign Profiles - Assigns profiles to selected machines.
  • Scan and Analysis
  • Deployment
  • 3rd-Party Software
  • Override Profiles - Assigns to Override profiles to selected machines.
  • Removed inherited overrides - If checked, removes all overrides already assigned.
• Remove Profiles - Removes a selected type of profile from selected machines.
• Suspend/Resume - Suspends or resumes Software Management activities on selected machines. Agent Suspension now includes Software Management tasks (Scanning and Deployment).
• Scan Now - Executes a scan on selected machines immediately. A machine must be assigned a Scan and Analysis profile.
• 3rd-Party Support - Enables or disables 3rd-party installations and patching for selected machines, without having to adjust the profile assigned to the machine.
• Force Update - Initiates a scan, then deploys all installs and approved patches immediately, rebooting as often as necessary. Ignores the Deployment profile assigned to a machine.

Warning: Once the Force Update option is run on a machine there is no way to cancel it. The Cancel Pending Actions option does not apply to the Force Update option. The Force Update option also ignores any Reboot Actions and Blackout Windows set in the Deployment Profile assigned to the machine and will reboot the machine as required.

• Scan Now - Executes a scan on selected machines immediately. A machine must be assigned a Scan and Analysis profile.
• Licensing - Profiles Software Management license counts for 3rd-party installations and patching. Software Management license counts also display on the Administration > Manage > License Manage page.
  • Purchased
  • Available - Purchased not applied or expired.
  • Applied - Active license applied to a machine.
  • Expiration Date - Licensing sets the Software Management expiration date equal to the VSA maintenance expiration date.
  • # of Days Remaining - Days remaining before all licenses expire.
• Clear
  • Pending Actions
  • Errors
• Disconnect from Patch Mgmt - Disconnects selected agents from being managed by Patch Management.
  • A corresponding Attached to Patch Management column indicates if an agent is currently being managed by Patch Management.
• Refresh - Refreshes the grid.

Note: The grid do not refresh automatically.

Upper Panel Columns

• Agent ID
• Status

  managed by Software Management

  Software Management activities are suspended

• Machine Id
• Pending Actions

  scanning

  deploying a patch

  rebooting or waiting for a reboot

  inside the blackout window

  warning

  error

• Vulnerabilities
• Scan and Analysis Profile
• Scan and Analysis Schedule
• Deployment Profile
• Deployment Schedule
• 3rd-Party Software Profile
• 3rd-Party Support - Enabled or blank.
• Last Scan Date
• Last Deploy Date
• Attached to Patch Management
• Progress

Lower Panel Tabs

• Vulnerabilities - Profiles identified vulnerabilities for the selected machine.
  • Deploy Patches - Schedules patch deployments for selected vulnerabilities to the selected machine.
  • Refresh - Refreshes the tab.
  • Suppress - Suppress the selected patch.
  • Reject - Reject the selected patch.
  • Status - defines the statuses of vulnerabilities.
    • Available - For packages that can be installed for all ProductVersion objects of 3PP Title that supports only latest version installation. ProductVersion’s Status field is set to Available for each new ProductVersion object added from Software Catalog server. For the rest ProductVersion items Status should remain the same.
    • Not Available - For packages that can’t be installed for all ProductVersion objects of 3PP Title that supports only latest version installation. ProductVersion Status field should be changed to Not available once VSA Server receives cheksum mismatch error for it. During scheduled deploy 3PP vulnerabilities with Not Available status should be skipped. 3PP vulnerabilities with Not Available status should be sent to install when selected to Deploy in Machines → Machine → Vulnerabilities tab.
    • Installing - Installation of the vulnerability is currently in progress.
    • Error - the last installation of the vulnerability failed.
    • Pending Review - waits for user review to be approved or rejected.
    • Suppressed - The vulnerability won't be installed and also hidden from the Vulnerabilities tab.
    • Approved - The vulnerability is approved and will be installed during the next scheduled deployment.
    • Rejected - The vulnerability won't be installed but visible on the Vulnerabilities tab.
  • Product -
  • Vendor -
  • Identifier - 3PP App version is displayed.
  • Patch Name -
  • Impact -
  • CVE Code -
  • CVSS Base Score -
  • Hyperlink -
  • Description -
  • Release Date -
  • 3rd Party -
  • Engine - The New Engine field is renamed as Engine.
• Profiles - Displays the profiles assigned to the selected machine.
  • Scan and Analysis Profile
  • Deployment Profile
  • 3rd-Party Software Profile - Lists the assigned software by vendor, title and version.
  • Override Profiles - Lists overrides by Name, Type and Sort Order. Overrides have precedence from highest to lowest in the list. You can reorder overrides for the selected machine using the Move Up or Move Down buttons. You can also Delete an override for the selected machine.
• Pending Patches - Profiles the pending patches set to Review by the latest Scan and Analysis scan of a machine. See Patch Approval.
  • Approve - Approves pending patches for deployment.
  • Reject - Rejects pending patches for deployment. Rejected patches can be subsequently approved and deployed using the History tab.
  • Supress - Supresses pending patches for deployment.
  • Refresh - Refreshes the tab.

Note: The tab do not refresh automatically.

• Vendor -
• Product -
• Patch Name -
• Identifier -
• Release Date -
• Impact -
• CVSS Base Score -
• Hyperlink -
• Engine - The New Engine field is renamed as Engine.

• Suppressed Patches
  • Approve - Approve suppressed patch.
  • Reject - Reject suppressed patch
  • Refresh - Refresh the tab.
  • Status -
  • Product -
  • Vendor -
  • Identifier -
  • Patch Name -
  • Impact -
  • CVE code -
  • CVSS Base Score -
  • Hyperlink -
  • Description -
  • Release Date -
  • 3rd Party -
  • Engine -
• Errors - Profiles Software Management task errors for a selected machine.
  • Delete - Deletes a reported error. Deleted errors can still be identified in Agent > Agent Logs > Diagnostic Logs > Endpoints > Software Management Logs
• History - Shows the history of completed and rejected patches.
  • Approve - Approves selected rejected patches.
  • Name - Name of the patch.
  • Status - Can be Completed or Rejected. Completed means it was patched successfully. Rejected means either the patch is rejected in the Scan and Analysis profile, or it was rejected manually from Pending Patches tab.
  • User -
  • Identifier -
  • Status Date - The date the patch was put in Completed or Rejected status.
  • Engine -
  • Suppress -
  • Refresh - Refreshes the tab.

Note: The tab do not refresh automatically.

• Audited Applications - Displays the history of any K3PP supported software in order to understand change log history of package title in relation to endpoint.
  • Uninstall -
  • View Application History -
  • Refresh - Refreshes the tab.

Note: The tab do not refresh automatically.

• Version
• Architecture - Architecture string is displayed here.
• Language - Language string is displayed here.