2. Computers & electronics
  3. Software
  4. Novell
  5. ZENworks 7 Patch Management

Novell ZENworks 7 Patch Management Administration Guide

  • Hello! I am an AI chatbot trained to assist you with the Novell ZENworks 7 Patch Management Administration Guide. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
User Guide
ZENworks Patch Management 6.4 SP2
02_012N 6.4SP2 User Guide
- 2 -
- 3 -
Notices
Version Information
ZENworks Patch Management User Guide - ZENworks Patch Management Version 6.4SP2 - Released:
September 2009
Document Number: 02_012N_6.4SP2_092651134
Legal Notices
Novell, Inc. makes no representations or warranties with respect to the contents or use of this
documentation, and specifically disclaims any express or implied warranties of merchantability or fitness
for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make
changes to its content, at any time, without obligation to notify any person or entity of such revisions or
changes.
Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically
disclaims any express or implied warranties of merchantability or fitness for any particular purpose.
Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time,
without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be subject to U.S. export
controls and the trade laws of other countries. You agree to comply with all export control regulations and
to obtain any required licenses or classification to export, re-export or import deliverables. You agree not
to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist
countries as specified in the U.S. export laws. You agree to not use deliverables for prohibited nuclear,
missile, or chemical biological weaponry end uses. See the Novell International Trade Services Web page
(http://www.novell.com/info/exports/) for more information on exporting Novell software. Novell assumes no
responsibility for your failure to obtain any necessary export approvals.
Copyright © 2008 Novell, Inc. All rights reserved. No part of this publication may be reproduced,
photocopied, stored on a retrieval system, or transmitted without the express written consent of the
publisher.
Novell, Inc. has intellectual property rights relating to technology embodied in the product that is described
in this document. In particular, and without limitation, these intellectual property rights may include one or
more of the U.S. patents listed on the Novell Legal Patents Web page (http://www.novell.com/company/
legal/patents/) and one or more additional patents or pending patent applications in the U.S. and in other
countries.
Novell, Inc.
404 Wyman Street, Suite 500
Waltham, MA 02451
U.S.A.
www.novell.com
Online Documentation: To access the latest online documentation for this and other Novell products, see
the Novell Documentation Web page (http://www.novell.com/documentation).
ZENworks Patch Management
- 4 -
Novell Trademarks
For Novell trademarks, see the Novell Trademark and Service Mark list (http://www.novell.com/company/
legal/ trademarks/tmlist.html).
Third-Party Materials
All third-party trademarks are the property of their respective owners.
- 5 -
Table of Contents
Preface: About This Document............................................................................................. 17
Typographical Conventions................................................................................................................17
Contacting Novell...............................................................................................................................17
Chapter 1: ZENworks Patch Management Overview...........................................................19
Product Overview...............................................................................................................................19
Patch Management Server and Agent Process........................................................................20
System Requirements........................................................................................................................21
Minimum Hardware Requirements.............................................................................................21
Supported Operating Systems...................................................................................................21
Other Software Requirements................................................................................................... 21
Supported Database Servers.....................................................................................................22
Recommended Configuration.....................................................................................................22
Agent Supported Operating Systems................................................................................................22
Agent Supported Languages.............................................................................................................24
Chapter 2: Using ZENworks Patch Management.................................................................25
Getting Started with ZENworks Patch Management.........................................................................25
Accessing ZENworks Patch Management.........................................................................................26
Logging on to ZENworks Patch Management...........................................................................26
Logging Out of Update.............................................................................................................. 27
Common Functions within Patch Management Server..................................................................... 28
Defining Browser Conventions...................................................................................................28
Using Search..............................................................................................................................29
Using Filters............................................................................................................................... 30
Using Tabbed Pages................................................................................................................. 31
Expanding and Collapsing Folders and Outlines.......................................................................31
Advancing Through Pages.........................................................................................................31
Using the Action Menu.............................................................................................................. 32
Using Help..................................................................................................................................32
Exporting Data............................................................................................................................33
Viewing the Patch Management Server Home Page........................................................................34
Table of Contents
- 6 -
Using the Navigation Menu....................................................................................................... 35
Viewing Latest News..................................................................................................................37
Viewing the Documentation Links..............................................................................................38
Viewing Server Information........................................................................................................38
Viewing the Graph Dashboard...........................................................................................................39
Dashboard Charts......................................................................................................................39
Dashboard Settings and Behavior Icons...................................................................................39
Adding a Graph to the Dashboard............................................................................................ 41
Removing a Graph from the Dashboard................................................................................... 41
License Expiration..............................................................................................................................42
Chapter 3: Using Vulnerabilities and Packages.................................................................. 43
The Relationship Between Vulnerabilities and Packages..................................................................43
About Vulnerabilities...........................................................................................................................44
Defining Vulnerability Structure..................................................................................................44
The Vulnerabilities Page....................................................................................................................46
To Access The Vulnerabilities Page..........................................................................................46
Viewing Vulnerabilities............................................................................................................... 46
Viewing Vulnerability Details......................................................................................................47
Vulnerability Status and Types..................................................................................................47
Vulnerability Package Cache Status and Type.........................................................................48
Vulnerability Name.....................................................................................................................49
Vulnerability Impacts..................................................................................................................49
Vulnerability Statistics................................................................................................................ 50
Searching, Filtering, and Saving Views.....................................................................................50
Working with Vulnerabilities...............................................................................................................51
Vulnerability Status Tabs...........................................................................................................51
Column Definitions.....................................................................................................................51
Device Status.............................................................................................................................52
Deploying Vulnerabilities............................................................................................................53
Disabling and Enabling Vulnerabilities.......................................................................................53
Using the Scan Now Feature.................................................................................................... 53
Updating the Cache...................................................................................................................55
About Packages.................................................................................................................................55
Using the Packages Tab................................................................................................................... 57
Table of Contents
- 7 -
Package Information Tab...........................................................................................................59
Package Statuses and Types....................................................................................................61
Package Column Definitions......................................................................................................62
Searching, Filtering, and Saving Views.....................................................................................62
Working with Packages......................................................................................................................63
Deploying a Package.................................................................................................................63
Deleting a Package....................................................................................................................63
Updating the Package Cache....................................................................................................63
Editing a Package......................................................................................................................64
Creating a Package................................................................................................................... 64
Using the Package Editor..................................................................................................................64
Including Deployment Options in a Package.............................................................................73
Adding File and Directories to a Package.................................................................................75
Creating Scripts for a Package..................................................................................................79
Chapter 4: Working With Deployments................................................................................ 81
About Deployments............................................................................................................................81
Viewing Deployments.................................................................................................................82
Deployment Types..................................................................................................................... 84
Standard and Chained Deployments.........................................................................................85
Using the Deployment Pages............................................................................................................86
Deployment Status and Type....................................................................................................87
Deployment Details Summary................................................................................................... 89
Working With Deployments................................................................................................................90
Deployments Page.....................................................................................................................90
Viewing the Deployment Details................................................................................................91
Viewing Deployment Results.....................................................................................................94
Explaining Deployment Distribution Order.................................................................................95
Aborting Deployments................................................................................................................95
Disabling Deployments...............................................................................................................95
Enabling Deployments............................................................................................................... 96
Modifying Deployments..............................................................................................................96
Deleting Deployments................................................................................................................96
Explaining Deployment Deadlines............................................................................................. 96
Using the Deployment Wizard...........................................................................................................97
Table of Contents
- 8 -
Introduction Page.......................................................................................................................97
Device / Device Groups Selection Page................................................................................... 98
Package Selection Page............................................................................................................99
Associated Vulnerability Analysis.............................................................................................101
Licenses Page..........................................................................................................................102
Deployment Options Page.......................................................................................................103
Schedule Configuration Page..................................................................................................105
Selecting the Deployment Start and End Functions................................................................108
Package Deployment Order and Behavior Page.....................................................................110
Package Deployment Behavior Options Page.........................................................................114
Notification Options Page........................................................................................................ 118
Deployment Confirmation Page...............................................................................................121
Associated Vulnerability Analysis Page...................................................................................123
Deployment Summary Page....................................................................................................124
Chapter 5: Using Devices and Inventory............................................................................127
About Devices..................................................................................................................................128
Viewing Devices.......................................................................................................................128
Using the Devices Page..........................................................................................................129
Using the Details by Device Page...........................................................................................132
Working with Devices.......................................................................................................................138
Installing an Agent................................................................................................................... 138
Viewing Device Details............................................................................................................ 140
Disabling a Device...................................................................................................................140
Deleting a Device.....................................................................................................................141
Enabling a Device....................................................................................................................141
Deploying a Vulnerability......................................................................................................... 141
Exporting Device Information...................................................................................................141
Scanning Devices.....................................................................................................................142
Rebooting Devices...................................................................................................................142
About Inventory................................................................................................................................143
Viewing Inventory.....................................................................................................................143
Using the Inventory Tab.................................................................................................................. 144
Inventory Types........................................................................................................................144
Scanning Inventory...........................................................................................................................145
Table of Contents
- 9 -
Manually Scheduling the DAU Task........................................................................................146
Using Custom Inventory...................................................................................................................146
Guidelines for Microsoft Windows based Operating Systems.................................................146
Guidelines for Linux/Unix/Mac based Operating Systems.......................................................150
Chapter 6: Using Groups..................................................................................................... 153
To View Groups...............................................................................................................................154
To Search for a Group.................................................................................................................... 154
Groups and the Directory Tree........................................................................................................155
Parent and Child Groups.........................................................................................................155
Defining Groups....................................................................................................................... 155
Group Information............................................................................................................................ 156
Group Information Settings......................................................................................................157
Assigned Email Notification Addresses................................................................................... 157
Assigned Child Groups............................................................................................................158
Assigned Mandatory Baseline Items....................................................................................... 158
Assigned Policy Sets............................................................................................................... 158
Resultant Policy Information....................................................................................................159
Assigned Roles........................................................................................................................ 159
Group Membership...........................................................................................................................160
Creating a Group..................................................................................................................... 161
Moving a Group....................................................................................................................... 162
Deleting Groups....................................................................................................................... 163
Editing Groups..........................................................................................................................164
Device Membership..........................................................................................................................165
Adding or Removing Device Members....................................................................................166
Enabling or Disabling Devices within a Group........................................................................168
Mandatory Baseline..........................................................................................................................168
Viewing a Group Mandatory Baseline.....................................................................................170
Managing Mandatory Baselines...............................................................................................171
Removing Deployments Created by Mandatory Baselines..................................................... 176
Device Group Vulnerabilities............................................................................................................177
Enabling Vulnerabilities within a Group...................................................................................178
Disabling Vulnerabilities within a Group..................................................................................178
Device Group Inventory...................................................................................................................179
Table of Contents
- 10 -
Device Group Deployments.............................................................................................................180
Deploying to a Group...............................................................................................................181
Device Group Policies......................................................................................................................181
Adding a Policy to a Group.....................................................................................................182
Removing a Policy from a Group............................................................................................182
Device Group Roles.........................................................................................................................183
Adding a Role to a Group....................................................................................................... 183
Removing a Role from a Group..............................................................................................184
Device Group Dashboard................................................................................................................ 185
Dashboard Charts....................................................................................................................185
Dashboard Settings and Behavior Icons.................................................................................186
Adding a Graph to the Dashboard.......................................................................................... 187
Removing a Graph from the Dashboard................................................................................. 188
Device Group Settings.....................................................................................................................188
Editing Group Settings.............................................................................................................189
Assign a Source Group to a Custom Group...........................................................................190
Chapter 7: Reporting............................................................................................................ 193
About Reports.................................................................................................................................. 193
Available Reports Page........................................................................................................... 194
Report Parameters Page.........................................................................................................195
Report Results Page................................................................................................................197
Viewing Reports.......................................................................................................................197
Working with Reports.......................................................................................................................199
Searching within Reports.........................................................................................................199
Displaying Time and Date in Reports......................................................................................200
Exporting Reports.....................................................................................................................200
Viewing Printable Data in Reports...........................................................................................200
Available Reports.............................................................................................................................201
Agent Policy Report.................................................................................................................201
Deployment Detail Report........................................................................................................202
Deployment Error Report.........................................................................................................202
Deployment In-Progress Report...............................................................................................203
Deployment Summary Report..................................................................................................204
Detection Results Not Found Report.......................................................................................205
Table of Contents
- 11 -
Device Duplicate Report..........................................................................................................205
Device Status Report...............................................................................................................206
Hardware Inventory Detail Report........................................................................................... 206
Hardware Inventory Summary Report..................................................................................... 207
Mandatory Baseline Detail Report...........................................................................................207
Mandatory Baseline Summary Report.....................................................................................208
Operating System Inventory Detail Report..............................................................................209
Operating System Inventory Summary Report........................................................................209
Package Compliance Detail Report.........................................................................................209
Package Compliance Summary Report...................................................................................210
Services Inventory Detail Report.............................................................................................211
Services Inventory Summary Report.......................................................................................211
Software Inventory Detail Report.............................................................................................211
Software Inventory Summary Report.......................................................................................212
Vulnerability Analysis Report...................................................................................................212
Chapter 8: Managing Users and Roles...............................................................................215
About User Management.................................................................................................................215
Viewing Users.......................................................................................................................... 216
Defining User Access.......................................................................................................................216
Windows-based Authentication................................................................................................216
Update Access Rights..............................................................................................................216
Defining Users..................................................................................................................................216
Defining Roles..................................................................................................................................217
Defining the Predefined System Roles....................................................................................217
Defining Custom Roles............................................................................................................218
Defining Access Rights............................................................................................................218
Defining Accessible Device Groups.........................................................................................221
Defining Accessible Devices....................................................................................................222
Working with Users..........................................................................................................................222
Creating New Users.................................................................................................................222
Adding Existing Users..............................................................................................................226
Editing User Profiles................................................................................................................ 228
Removing Users.......................................................................................................................229
Deleting Users..........................................................................................................................230
Table of Contents
- 12 -
Changing a User’s Password.................................................................................................. 230
Working with User Roles.................................................................................................................232
Creating User Roles.................................................................................................................233
Editing User Roles...................................................................................................................235
Assigning a User Role to an Existing User.............................................................................236
Disabling User Roles............................................................................................................... 237
Enabling User Roles................................................................................................................238
Deleting User Roles.................................................................................................................238
Chapter 9: Configuring Default Behavior...........................................................................239
About the Options Page.................................................................................................................. 239
Viewing Configuration Options.................................................................................................240
Viewing Subscription Service Information........................................................................................241
Subscription Service Information............................................................................................. 242
Subscription Service History....................................................................................................242
Subscription Service Configuration..........................................................................................244
Setting the Vulnerability and Package Languages..................................................................247
Configuring Enhanced Content................................................................................................248
Supporting Red Hat Enterprise and Sun Solaris Agents.................................................................251
Enabling Enhanced Content....................................................................................................251
Content Credentials Manager..................................................................................................252
Verifying Subscription Licenses.......................................................................................................255
Product Information..................................................................................................................255
Default Configuration........................................................................................................................257
Configuring Deployment Defaults............................................................................................ 258
Configuring Agent Defaults......................................................................................................259
Configuring User Interface Defaults.........................................................................................261
Configuring ISAPI Communication Settings............................................................................ 263
Working With Agent Policy Sets......................................................................................................264
Viewing Agent Policy Summary Information............................................................................265
Creating a Policy Set...............................................................................................................265
Editing a Policy Set..................................................................................................................269
Deleting a Policy Set............................................................................................................... 270
Defining Inventory Collection Options......................................................................................272
Defining Agent Hours of Operation..........................................................................................275
Table of Contents
- 13 -
Defining FastPath Servers.......................................................................................................276
Defining Agent Policy Conflict Resolution............................................................................... 278
Using E-Mail Notification..................................................................................................................279
Defining E-Mail Notification......................................................................................................280
Defining E-Mail Alert Thresholds.............................................................................................281
Sending a Test E-Mail.............................................................................................................282
Technical Support Information.........................................................................................................283
Server Information....................................................................................................................283
Component Version Information.............................................................................................. 284
Support Information..................................................................................................................285
Chapter 10: Using the Agent............................................................................................... 287
About the Agent for Pre Windows Vista..........................................................................................287
Viewing the Pre Windows Vista Agent....................................................................................287
Deployment Tab.......................................................................................................................288
Detection Tab...........................................................................................................................291
Proxies Tab..............................................................................................................................293
About Tab.................................................................................................................................295
User Interaction During a Deployment.................................................................................... 296
User Interaction During a Reboot............................................................................................298
About the Agent for Windows Vista.................................................................................................299
Viewing the Agent....................................................................................................................299
Home Page.............................................................................................................................. 301
Tools and Settings...................................................................................................................303
User Interaction During a Deployment.................................................................................... 306
User Interaction During a Reboot............................................................................................308
About the Agent for Mac................................................................................................................. 309
Viewing the Agent....................................................................................................................309
Deployment Tab.......................................................................................................................309
Detection Tab...........................................................................................................................311
Refreshing the Agent Information............................................................................................312
Starting the Agent....................................................................................................................312
Stopping the Agent.................................................................................................................. 312
Restarting the Agent................................................................................................................313
User Interaction During a Deployment.................................................................................... 313
Table of Contents
- 14 -
User Interaction During a Reboot............................................................................................314
About the Agent for Linux/Unix........................................................................................................315
Appendix A: Patch Management Server Reference.......................................................... 317
Server Security.................................................................................................................................317
Server Error Pages..........................................................................................................................318
WinInet Error Codes........................................................................................................................ 318
HTTP Status Codes.........................................................................................................................319
Device Status Icons.........................................................................................................................320
Appendix B: Securing Your Patch Management Server...................................................321
Secure Your Server With SSL.........................................................................................................321
Use Secure Passwords....................................................................................................................322
Turn Off File and Printer Sharing....................................................................................................322
Turning Off File and Printer Sharing....................................................................................... 322
Put Your Server Behind a Firewall..................................................................................................323
Turn Off Non-Critical Services.........................................................................................................323
Lock Down Unused TCP and UDP Ports........................................................................................323
Locking Unused Ports..............................................................................................................323
Apply All Security Patches...............................................................................................................327
Appendix C: Working With the Content Update Tool....................................................... 329
Content Update Tool System Requirements...................................................................................329
Installing the Content Update Tool..................................................................................................330
Downloading the Content Update Tool....................................................................................330
Installing the Content Update Tool..........................................................................................332
Using the Content Update Tool.......................................................................................................333
The Configuration Page...........................................................................................................333
Using the Content Update Tool...............................................................................................334
Appendix D: Creating a Disaster Recovery Solution........................................................ 341
Preparing Your Database................................................................................................................ 341
Changing the Database Recovery Model................................................................................341
Creating a Manual Solution.............................................................................................................343
Creating a Database Backup...................................................................................................343
Restoring a Database Backup.................................................................................................346
Table of Contents
- 15 -
Creating an Automated Solution......................................................................................................349
Creating a Maintenance Plan.................................................................................................. 349
Appendix E: Working With the Distribution Point.............................................................357
Distribution Point System Requirements......................................................................................... 357
Installing the Distribution Point........................................................................................................ 358
Downloading the Distribution Point..........................................................................................358
Installing the Distribution Point................................................................................................ 359
Configuring the Distribution Point....................................................................................................361
Table of Contents
- 16 -
- 17 -
Preface
About This Document
This User Guide is a resource written for all users of Novell ZENworks Patch Management
6.4 SP2. This document defines the concepts and procedures for installing, configuring,
implementing, and using Novell ZENworks Patch Management 6.4 SP2.
Tip: Novell documentation is updated on a regular basis. To acquire the latest version of this
or any other published document, please refer to the Novell Documentation Web page (http://
www.novell.com/documentation/).
Typographical Conventions
The following conventions are used throughout this documentation to help you identify various
information types.
Convention Usage
bold Buttons, menu items, window and screen objects.
bold italics Wizard names, window names, and page names.
italics New terms, options, and variables.
UPPERCASE SQL Commands and keyboard keys.
monospace File names, path names, programs, executables, command
syntax, and property names.
Contacting Novell
The following table lists the available technical support options.
Call Novell Support
Phone: +1 800.858.4000
Web Support
http://www.novell.com/support
Preface
- 18 -
- 19 -
Chapter
1
ZENworks Patch Management Overview
In this chapter:
• Product Overview
• System Requirements
• Agent Supported
Operating Systems
• Agent Supported
Languages
ZENworks Patch Management is a tool to audit the current
state of a network and install updates to the various devices
within that company’s network. The ZENworks Patch
Management Server retrieves available vendor patches
collected by Novell and bundled with scripts that use an
Agent as a detection and installation tool.
A vulnerability includes information that is used by the
agents to identify the requirements for the devices. This
identification process uses prerequisite profiles to determine
if a patch is applicable to a computer. If the prerequisite
profile matches then the agent will use detailed patch
identifiers, called fingerprints, to verify the device is fully
patched and protected.
Product Overview
ZENworks Patch Management is an agent-based patch, vulnerability and compliance
management system that monitors and maintains patch compliance throughout the entire
enterprise using a centralized Web-interface. ZENworks Patch Management provides a means
for an administrator to install an Agent on every client system in the target network ensuring all
systems are protected.
ZENworks Patch Management
- 20 -
Patch Management Server and Agent Process
The following process map demonstrates how patch information is communicated between the
Patch Management Server and the Agent.
1. The Agent scans the host device and compiles information on
operating system, software, hardware, and services on that
device via the Discover Applicable Updates (DAU) task.
2. The DAU runs an inventory scan on the agent and sends
the results back to Patch Management Server, which
compares it with the list of known vulnerabilities. Based
on this information, vulnerabilities are determined to be
applicable for each device.
3. The results of the scan are returned to the Patch
Management Server and can be viewed at any time in
the Inventory section of the product. If applicable, the
Agent performs another scan using the patch fingerprints
incorporated into each vulnerability to determine the device’s
patch status in relation to that vulnerability.
4. Once patch status is established, the ZENworks Patch
Management Administrator creates deployments to patch the
devices on the network. The deployments are then sent to the
selected agents.
5. Once patch status is established, the Administrator can
deploy the desired vulnerability to each applicable device on
the network.
6. After the agent receives the patch from the server, it applies
the patches by installing them to the device. The device is
now protected.
/