HP Insight Vulnerability and Patch Manager software 6.
© Copyright 2005, 2009 Hewlett-Packard Development Company, L.P. Legal Notices Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
1 Introduction

HP Insight Vulnerability and Patch Manager is an all-in-one vulnerability assessment and patch management tool integrated into HP Insight Control, simplifying and consolidating the proactive identification and resolution of issues that impact server availability into one central console.

IMPORTANT: HP is phasing out the HP Vulnerability and Patch Manager software (VPM) from Insight Control.
Service name changes

The following table lists service name changes between Vulnerability and Patch Manager 3.x and 6.x.

Vulnerability and Patch Manager items    Version 3.x    Version 6.x
RADIA version                            7.2            7.8
STAT-SCANNER version                     6.4.5          6.4.6
                                         3.0            6.
Vulnerability and Patch Manager items • • Install command for Vulnerability and Patch Manager Version 3.x Version 6.x Stat Engine (for Scanner 6.x only) Stat Engine (for Scanner 6.x only) • • Command line with /silent, but stand-alone GUI • installer removed • \\VPM\WIN_IA32\acquiretool\setup.exe • Microsoft® SQL Server • Microsoft® SQL Server • TCP/IP • TCP/IP • HP SIM and Vulnerability and Patch Manager versions, HP SIM 5.
2 Using Vulnerability and Patch Manager

Prerequisites

The following are the prerequisites for using the Vulnerability and Patch Manager software:

• VPM: Microsoft .NET Framework 3.0 is a requirement for accessing the VPM 6.0 functionalities (as a requirement for the Radia 7.8 version).
• Acquire Tool: Microsoft .NET Framework 3.0 or later for installing the Acquire tool.
Table 2-2 Vulnerability and Patch Manager icons

Status                                          Risk assessment
Critical vulnerabilities have been detected.    High
Major vulnerabilities have been detected.       Medium
Minor vulnerabilities have been detected.       Low and warning
No vulnerabilities have been detected.          None

Unknown: The Unknown icon might appear for the following reasons:
• Vulnerability and Patch Manager cannot access the system because proper authentication information was not provided.
3. Follow the on-screen instructions, selecting the appropriate update information for your server environment when prompted.
4. Click Schedule, and then select a time to acquire daily Vulnerability and Patch Manager updates. Updates might not be available daily, but scheduling the event daily ensures that you obtain critical updates promptly. Updates to scan definitions are usually available a few days after new patches are released.
5. To run the patch acquisition, click Run Now.
Scan definition    Description
Vista              Windows Vista® vulnerabilities

* This scan definition is not included with the current version of Vulnerability and Patch Manager and only exists if previous versions of the software have been installed.

For more information on vulnerability scanning, see the Vulnerability and Patch Manager online help.

• To perform a vulnerability scan, select Diagnose→Vulnerability and Patch Manager→Scan→Scan for Vulnerabilities.
Table 2-4 Vulnerability and Patch Manager scan events

Event: Submitted VPM Scan
Description: A vulnerability scan has been submitted
Occurs: When a scan is submitted. If another scan is already running, this scan is queued.

Event: Started VPM Scan
Description: A group vulnerability scan has started
Occurs: When a scan is started for all systems selected in the scan operation. Each individual system also has a scan start event. Individual machines are scanned one at a time.
Event: VPM Patch Not Applicable
Description: The selected patch is not applicable to the selected system and therefore is not applied.
Occurs: When the selected patch is not applicable to the selected system.

Event: Failed VPM Patch
Description: A failure has occurred during a Vulnerability and Patch Manager patch operation.

Event: Failed VPM Patch for a System
Description: A failure has occurred during a VPM patch operation for a particular system.
Occurs: When an individual system fails to complete because of an internal error.
Event Description Occurs Vulnerability and Patch Manager Scan Definition Removal Failure Vulnerability and Patch Manager could not When one or more custom scan definitions remove a vulnerability scan definition file are not removed as a part of the delete operation from the Customize Scan operation.
3 Backing up and restoring Vulnerability and Patch Manager

Vulnerability and Patch Manager application files are tightly coupled to Systems Insight Manager and its components. There are also Vulnerability and Patch Manager subcomponents, which can place files in other locations. A number of tables exist in databases, which require special tools to back up effectively. Use the following guidelines to preserve the history of previous scan results and the list of patches installed on each target system.
4 Uninstalling Vulnerability and Patch Manager

You can use either of the following methods to uninstall Vulnerability and Patch Manager. The Vulnerability and Patch Manager uninstallation must be performed from the Vulnerability and Patch Manager server.

Vulnerability and Patch Manager scan results can be retained after uninstallation. The last scan performed can be accessed from the VPM column. If you choose to delete scan results, the VPM column is set to an initialized state.
The VPM Results directory remains only if you select to retain Vulnerability and Patch Manager data during the uninstallation.

Reinstalling Vulnerability and Patch Manager

If an updated version of Vulnerability and Patch Manager is installed after a previous version has been uninstalled, the entitlement list could be lost for all managed target systems. To prevent this, be sure that you uninstall and reinstall the updated VPM Patch Agent to all target systems.
5 Troubleshooting

This chapter identifies and provides solutions for commonly encountered Vulnerability and Patch Manager issues, as well as answers to frequently asked questions.

Uninstalling Vulnerability and Patch Manager

Use either of the following methods to uninstall Vulnerability and Patch Manager. The Vulnerability and Patch Manager uninstallation must be performed from the Vulnerability and Patch Manager server. Vulnerability and Patch Manager scan results can be retained after uninstallation.
Remaining Vulnerability and Patch Manager files

A Vulnerability and Patch Manager uninstallation does not remove all Vulnerability and Patch Manager files from the server. The following files remain after uninstallation:

• Target systems:
  • C:\Program Files\Hewlett-Packard\HPCA\ManagementAgent\nvdkit.exe
  • C:\Program Files\Hewlett-Packard\HPCA\ManagementAgent\rma.tkd
  • C:\Program Files\Hewlett-Packard\HPCA\ManagementAgent\rma.
Linux target systems

• TCP/IP network protocol is enabled.
• SSH is enabled and listening on the default port 22.
• Vulnerability and Patch Manager includes PuTTY SSH client and uses the plink session command and PSCP secure copy, as well as SFTP secure file transfer commands. Both protocols 1.5 and 2.0 are supported if they are correctly installed and functioning on the target system.
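A pre-flight check for the SSH prerequisite above, as an added example that is not part of the HP documentation or product: it reads a Linux target's SSH identification string and reports which of the protocol versions named above the server offers. The identification format and the meaning of `1.99` follow RFC 4253; the function names and the sample greetings are constructed for illustration.

```python
import socket

def find_ident(data: bytes):
    """Return the first complete line starting with 'SSH-', or None.
    RFC 4253 allows a server to send other text lines before it."""
    for line in data.split(b"\n")[:-1]:      # last element is an unfinished line
        if line.startswith(b"SSH-"):
            return line.rstrip(b"\r").decode("ascii", "replace")
    return None

def parse_ssh_banner(data: bytes) -> dict:
    """Classify a server greeting: SSH-protoversion-softwareversion[ SP comments]."""
    ident = find_ident(data if data.endswith(b"\n") else data + b"\n")
    if ident is None:
        raise ValueError("no SSH identification string in server greeting")
    parts = ident.split("-", 2)
    if len(parts) != 3 or not parts[1] or not parts[2]:
        raise ValueError(f"malformed identification string: {ident!r}")
    proto = parts[1]
    return {
        "protoversion": proto,
        "software": parts[2].split(" ", 1)[0],
        # "1.99" means an SSH-2 server that also accepts SSH-1 clients.
        "offers_v1": proto in ("1.5", "1.99"),
        "offers_v2": proto in ("2.0", "1.99"),
    }

def read_greeting(host, port=22, timeout=5.0, limit=4096):
    """Connect and read until the identification line arrives (bounded)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        data = b""
        while find_ident(data) is None and len(data) < limit:
            chunk = sock.recv(256)
            if not chunk:
                break
            data += chunk
    return data

def check_target(host, port=22):
    """True in 'meets_prerequisite' when SSH answers with protocol 1.5 or 2.0."""
    info = parse_ssh_banner(read_greeting(host, port))
    info["meets_prerequisite"] = info["offers_v1"] or info["offers_v2"]
    return info

if __name__ == "__main__":
    # Constructed sample greetings; replace with check_target("<target host>").
    for sample in (b"SSH-2.0-OpenSSH_5.3\r\n", b"SSH-1.99-OpenSSH_3.9p1\n"):
        print(parse_ssh_banner(sample))
```

A target that reports `offers_v1` still accepts the long-deprecated SSH protocol 1, which is worth recording alongside the scan results.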
VPM Patch Agent installation fails

The VPM Patch Agent is automatically deployed when systems are licensed to allow patches to be applied to the systems. If a server type is identified as Unknown or Unmanaged with no identified operating system in the Systems Insight Manager console, Vulnerability and Patch Manager automatically attempts to deploy the VPM Patch Agent for Windows systems. The VPM Patch Agent deployment fails on Linux systems, and event details display an error.
This message occurs because the Microsoft information pertaining to the patch location is incorrect and the patch cannot be downloaded. HP is working to correct the metadata at the HP/Radia website for these older patches; however, this is ongoing maintenance. These corrections will automatically be downloaded each time a patch acquisition is run. No updates are needed to Vulnerability and Patch Manager.
Multiple events listed in Systems Insight Manager for patch deployments

Patch deployments create multiple events in Systems Insight Manager. There is a start event, a completion event, and a patch current status event. The patch current status event evaluates the status of the patches after the reboot has been completed.
6 Support and other resources

Information to collect before contacting HP

Be sure to have the following information available before you contact HP:

• Software product name
• Hardware product model number
• Operating system type and version
• Applicable error message
• Third-party hardware or software
• Technical support registration number (if applicable)

How to contact HP

Use the following methods to contact HP technical support:

• In the United States, see the Customer Service / Contact HP U
Command: Command name or qualified command phrase.
user input: Commands and other text that you type.
computer output: Text displayed by the computer.
Enter: The name of a keyboard key. Note that Return and Enter both refer to the same key. A sequence such as Ctrl+A indicates that you must hold down the key labeled Ctrl while pressing the A key.
term: Defined use of an important word or phrase.
variable: The name of an environment variable, for example PATH or errno.
value