F-Secure Policy Manager Reporting Option

Similar documents
F-Secure Client Security. Quick Installation Guide

Copyright Autodesk, Inc.

SkyPoint Installation & Licensing Guide

A & A Library - Network Install

TIE1.80InstallationGuideUK

escan Quick Reference and Installation Guide This document provides information to install escan and serves as a quick reference to run key tasks.

Installing Lotus Notes on Your Computer Lotus Notes release (Standard and Basic versions)

ChromQuest 4.2 Chromatography Data System

Release Date September 30, Adeptia Inc. 443 North Clark Ave, Suite 350 Chicago, IL 60654, USA

HP StorageWorks Performance Advisor. Installation Guide. Version 1.7A

EMS Installation. Workstation Requirements CHAPTER. EMS Lite (Windows 95/98) EMS NT (Windows NT 4.0)

LifeSize Gatekeeper Installation Guide

x10data Application Platform v7.1 Installation Guide

BitDefender Enterprise Manager. Startup guide

Central Administration Console Installation and User's Guide

Installation Guide Worksoft Certify

Version 11. NOVASTOR CORPORATION NovaBACKUP

AgcCls. AgcCls Installation & User Manual. Concurrent License Server for WinIGS. Software Version April 2017

EXPRESSCLUSTER X SingleServerSafe 3.3 for Windows. Installation Guide. 01/29/2016 3rd Edition

EXPRESSCLUSTER X SingleServerSafe 3.3 for Windows. Installation Guide. 10/02/2017 6th Edition

Consulting Library Network Install

PlexService 2.5 Installation Guide

UC for Enterprise (UCE) NEC Centralized Authentication Service (NEC CAS)

Quick KVM 1.1. User s Guide. ClearCube Technology, Inc.

Oracle Retail Customer Engagement Cloud Service (Relate) Installation Guide - Installer Release 11.4 E Revision 2

Workstation Setup Instructions Release 9.5

HR-Lite Database & Web Service Setup Guide

Installation Guide. EventTracker Enterprise. Install Guide Centre Park Drive Publication Date: Aug 03, U.S. Toll Free:

Galileo Desktop SM 2.1. Installation Guide

User Guide. PCmover Professional for Windows XP. Laplink Software, Inc. User Guide MN-PCMPRO-XP-EN-08 (REV. 2014/07/08)

Product Release Notes for Avaya Proactive Contact Supervisor

Professional. User Guide. Professional. User Guide MN-PCMPRO-EN-06 (REV. 07/2010)

CA ehealth Integration for HP OpenView

Tax Library - Single Computer Install

Workstation Configuration Guide

HP ProCurve Manager Plus

KYOCERA Net Admin Installation Guide

Top Producer 7i Remote

ExpressCluster X SingleServerSafe 3.2 for Windows. Installation Guide. 2/19/2014 1st Edition

Delphi Workstation Setup Instructions. June 3, 1009

EM Library Startup guide

License Server

Version 2.8. Installation Guide

Symantec pcanywhere 12.5 SP4 Release Notes

Workstation Configuration

Enterprise Vault.cloud CloudLink Google Account Synchronization Guide. CloudLink to 4.0.3

Workstation Configuration

LT Auditor Installation Guide

AnySite. Australia. Install Guide. AnySite v9.1 Install Guide

Mailbox Manager Getting Started Guide. Licensing Installation Options System Requirements Installation Instructions

HP Data Protector Media Operations 6.11

OLI Engine in Aspen Hysys

Laplink PCmover Professional The Only Software that Moves Programs, Files, and Settings to a New PC!

LABEL ARCHIVE Administrator s Guide

Employee Web Services. Installation Guide

KG-TOWER Software Download and Installation Instructions

Scribe Insight Installation Guide. Version August 10, 2011

MapMarker Plus Developer Installation Guide

Veritas Desktop and Laptop Option Mac Getting Started Guide

Cisco IMC Smart Plugin 1.0 For HP Operations Manager - Windows

MassTransit Server Installation Guide for Windows

InSync Service User Guide

Batch Watermark Creator Software

User Manual. Active Directory Change Tracker

IT Essentials v6.0 Windows 10 Software Labs

MapMarker Plus Desktop Installation Guide

PropertyBoss Upgrade

Workstation Configuration

Installing the Management Software

Trace Debug Tools Version 1.2 Installation Guide

Installing Intellicus DotNet Client on Windows. Version: 16.0

Smart Access Control System Software User Manual (Client Version)

Workstation Configuration

ER/Studio Enterprise Portal User Guide

EXPRESSCLUSTER X for Windows. Quick Start Guide for Windows Server 2016 Hyper-V. Version 1 Mar 27, 2018

Release Date March 10, Adeptia Inc. 443 North Clark Ave, Suite 350 Chicago, IL 60610, USA Phone: (312)

T E KLYNX BACKTRACK V E R S I O N 6 I N S T A L L A T I O N G U I D E

LifeSize Control Installation Guide

ChequePrinting.Net Enterprise Cheque Printing Software

MX OPC Server 5.0 Help Documentation

10ZiG Technology. Thin Desktop Quick Start Guide

Mascot Insight Installation and setup guide

Ocularis. Installation & Licensing Guide

Dell License Manager Version 1.2 User s Guide

Release Date April 9, Adeptia Inc. 443 North Clark Ave, Suite 350 Chicago, IL 60654, USA

Professional. User Guide. Professional. Laplink Software, Inc. User Guide MN-PCMPRO-EN-08 (REV. 2014/04/10)

INSTALLATION AND SIGN-ON

Notices Carbonite Move for Linux User's Guide Version 8.1.1, Wednesday, January 31, 2018 If you need technical assistance, you can contact

A Guide to Installing OLI Software

LiveNX Upgrade Guide from v5.1.2 to v Windows

SpatialWare INSTALLATION GUIDE. for Microsoft SQL Server. Version 4.9.2

Silk Performance Manager Installation and Setup Help

Installation Guide for Servers

Isograph Software Products

Administrator s Guide

Agilent MassHunter LC/SQ ChemStation Integration Software

Inmagic Content Server Enterprise Inmagic Content Server Standard Version 1.3 Installation Notes

Veritas Desktop Agent for Mac Getting Started Guide

BackupVault Desktop & Laptop Edition. USER MANUAL For Microsoft Windows

Veritas System Recovery 18 Management Solution Administrator's Guide

Transcription:

F-Secure Policy Manager Reporting Option Securing the Distributed Enterprise Administrator s Guide

All product names referenced herein are trademarks or registered trademarks of their respective companies. F-Secure Corporation disclaims proprietary interest in the marks and names of others. Although F-Secure Corporation makes every effort to ensure that this information is accurate, F-Secure Corporation will not be liable for any errors or omission of facts contained herein. F-Secure Corporation reserves the right to modify specifications cited in this document without prior notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of F-Secure Corporation. Copyright 1996-2002 F-Secure Corporation. All rights reserved. #12000030-2E27

Contents 1. Introduction... 1 2. Installation... 3 2.1 System Requirements... 3 2.2 Installing F-Secure Policy Manager Reporting Option... 4 2.3 Reinstallation... 8 2.4 Uninstallation... 8 3. Getting Started... 9 3.1 User Interface Basics... 9 4. Configuring Reports with the User Interface... 13 4.1 Overview... 13 4.2 Configurations... 14 4.3 Defining a Communication Directory... 17 4.4 Configuring a Report Output Directory... 19 4.5 Customizing the Report Template Hierarchy... 20 4.6 Generating Reports... 30 4.7 Viewing Reports... 32 5. Command Line Report Generation... 35 5.1 Usage... 35

5.2 The help.bat Command... 36 5.3 The run.bat Command... 36 5.4 The gui.bat Command... 38 5.5 The schedule.bat Command... 38 5.6 The dump.bat command... 39 6. Scheduling Report Generation... 41 6.1 Using the System Scheduler... 42 6.2 Scheduling Tasks in Windows... 44 Appendix A. XSL Templates... 47 Technology... 47 XSL Report Template Descriptions... 48 XSL Report Template Parameters and Variables... 72 Appendix B. Document Type Definitions... 79 Document Type Definition for fspmrocfg.xml... 79 Document Type Definition for xslcfg.xml... 80 Document Type Definition for F-Secure Policy Manager Reporting Option s XML Document... 81 Appendix C. Configuring Reports Manually... 87 Configuring Domain Reports... 88 Configuring Host Reports... 92 Combining Domain and Host Reports... 95 Generating Reports... 97 Dumping XML Data... 100 Features... 101

Glossary... 111 Technical Support... 113 Web Club... 113 Electronic Mail Support... 114 F-Secure Technical Product Training... 115 About F-Secure Corporation... 117 The F-Secure Product Family... 118

1. Introduction F-Secure Policy Manager Reporting Option is a powerful tool for monitoring the health status of the entire managed network by generating reports including security alerts, virus infections rates, anti-virus database updates, product versions and host status, etc. These reports can be viewed on the network, security domain or individual host level and all reports can be customized and viewed with a standard Internet browser or with Microsoft Excel. F-Secure Policy Manager Reporting Option competes with and greatly exceeds products offered by our competitors, offering the following features: Significantly faster report creation, New reporting templates that include reports which enable the health status of the entire managed network to be monitored, Ability to connect to multiple F-Secure Policy Manager Servers and create reports on a single console, Service levels can now be monitored. It is possible to monitor alerts, virus infections, antivirus database updates, product versions, operating platforms, host alive status and certificates in the network. 1

Chapter 1 Introduction 2

2. Installation F-Secure Policy Manager Reporting Option can be installed either by download from the Internet or from an F-Secure CD. Before you begin installation, see that your system meets with the F-Secure Policy Manager Reporting Option s system requirements. 2.1 System Requirements The following system requirements are minimum requirements and it should be noted that increased memory and processing power will increase performance. Processor: Memory: Network: Intel Pentium III 450 MHz (or equivalent) 256MB RAM 10 Mbit network If you will be generating reports from more than 5000 hosts you will need: Processor: Memory: Network: Server: PIII 750 MHz (minimum) 512MB RAM 100Mbit Windows NT4 Server, Windows 2000 Server, Windows 2000 Advanced Server, Windows.NET Server, Windows.NET Standard Server. 3

Chapter 2 Installation 2.2 Installing F-Secure Policy Manager Reporting Option These installation instructions are for users of F-Secure Policy Manager Reporting Option generating reports using the user interface, and based on installation from your F-Secure CD. If you are installing from an Internet download, setup may differ slightly. 1. Insert the F-Secure CD in your CD-ROM drive. 2. Select Corporate Use, and click Next to continue. 3. From the Install or Update Managed Software menu, select F-Secure Policy Manager. 4. From the F-Secure central management list, select F-Secure Policy Manager. 5. From the After you have installed Policy Manager section, select F-Secure Policy Manager Reporting Option. 6. The Setup welcome text appears. Please read it and click Next to continue. 4

Installing F-Secure Policy Manager Reporting Option Section 2.2 7. Read the license agreement. To accept the license terms, select the I accept the agreement check box, and click Next to continue. 8. Select the components you want to install. When you are ready, click Next to continue. 5

Chapter 2 Installation 9. Enter or browse for an installation directory. When you are ready, click Next to continue. 10. Setup searches for an F-Secure Policy Manager Server communication directory location. If it is found, the path is displayed in the Communication Directory Path: text field. Click Next to accept it as the communication directory. If it is not found, enter or browse for a communication directory location. When finished, click Next to continue. 6

Installing F-Secure Policy Manager Reporting Option Section 2.2 If you do not have a real communication directory available yet, a demo communication directory is bundled with F-Secure Policy Manager Reporting Option. To see what F-Secure Policy Manager Reporting Option has to offer, check the Try out with a demonstration Communication Directory checkbox, and click Next to continue. 11. Setup displays the changes that will be made to your system. Click Next to continue. 7

Chapter 2 Installation 12. The F-Secure Policy Manager Reporting Option installation package is extracted to the installation directory specified earlier. When the installation process is finished, the following dialog box appears: If you want to start F-Secure Policy Manager Reporting Option now and/or view the release notes, select the appropriate check boxes. Click Finish to complete the setup. 2.3 Reinstallation The F-Secure Policy Manager Reporting Option Setup reinstallation process updates all the F-Secure Policy Manager Reporting Option files. It will not modify any user defined configuration-related files. 2.4 Uninstallation The F-Secure Policy Manager Reporting Option Setup uninstallation process removes all F-Secure Policy Manager Reporting Option related files except the Report Output directories defined in various user-made configurations. These must be removed manually. 8

3. Getting Started F-Secure Policy Manager Reporting Option is an optional component of F-Secure Policy Manager that allows you to generate reports in various formats such as HTML, XML, CSV and text. The reports are comprised of various F-Secure Policy Manager items such as statistics, alerts and host properties, and are based on user-definable XSL report templates installed with the product. 3.1 User Interface Basics The F-Secure Policy Manager Reporting Option user interface (GUI) is a feature of F-Secure Policy Manager Reporting Option for creating report configurations. A report configuration consists of three main configuration items, these being: Communication directories (from where the statistics, alerts, and host properties are collected into reports), The report output directory (to where the generated reports are output) and, The report template hierarchy (containing the report templates for reports to be generated). 9

Chapter 3 Getting Started The F-Secure Policy Manager Reporting Option user interface is divided into three panes: Communication Directories pane, Report Output Directory pane, Report Template Hierarchy pane. 10

User Interface Basics Section 3.1 Communication Directories Pane In the Communication Directories pane, you can add and remove communication directories. Report Output Directory Pane In the Report Output Directory pane, you can specify a report output directory in the available text field, or browse for report output directories by clicking the icon. 11

Chapter 3 Getting Started Report Template Hierarchy Pane In the Report Template Hierarchy pane, you can: Add, edit and delete new report template directories, Add, edit and delete report templates. Toolbar The toolbar contains buttons for the most common F-Secure Policy Manager Reporting Option tasks. New Opens a new configuration Open Opens an existing configuration. Save Saves the current configuration. Generate Reports Stop Generates a report in the default browser. Stops the report generation process. Help Displays F-Secure Policy Manager Reporting option help. 12

4. Configuring Reports with the User Interface A configuration holds information concerning a reporting configuration. With the F-Secure Policy Manager Reporting Option User Interface, you can define F-Secure Policy Manager Server communication directory location paths, a Report Output Directory path and a Report Template Hierarchy. 4.1 Overview The following steps outline the process of configuring, generating and viewing reports: 1. Create a new configuration. See Creating a New Configuration for more details. 2. Define the communication directories. See Defining a Communication Directory for more details. 3. Define a report output directory. See Configuring a Report Output Directory for more details. 4. Each report template in the report template hierarchy needs to be customized. Using the report template wizard, you can select the report template type and name, whether either domains or hosts are included in the report and whether the report is for a domain or host. See Customizing the Report Template Hierarchy for more details. 13

Chapter 4 Configuring Reports with the User Interface 5. Run the report generation for the current configuration. Reports will be generated for each defined report template. To generate reports using the user interface, see Generating Reports. To generate reports manually using a command line program, see Configuring Reports Manually. 4.2 Configurations F-Secure Policy Manager Reporting Option can be configured in a variety of ways. A configuration contains information about a reporting configuration, and a valid reporting configuration consists of four sections: A section for one or more F-Secure Policy Manager or Commdir location paths, A section for a Report Output Directory path, A section for a Report Template Hierarchy, A section for a Report Template Directory path. You can define the first three items; the F-Secure Policy Manager user interface defines the Report Template Directory automatically. You can, however, define the Report Template hierarchy, which subsequently defines the directory hierarchy. A configuration is written to the Installation directory (selected by you during setup) under the..\configurations directory. This directory contains a configuration directory for each defined configuration. In this directory, named for the configuration itself, is the fspmrocfg.xml file, which contains the F-Secure Policy Manager Server/Commdir location paths, Report Output Directory path and Report Template directory paths defined for the configuration. Creating a New Configuration To generate reports, you first need to have a configuration with which to work. To create a new configuration: 1. Click on the toolbar (or open the File menu and select New). The Create Configuration dialog appears. 14

Configurations Section 4.2 2. Enter a name for the new configuration in the text field. Click OK. If a Configuration with the specified name already exists, the Configuration Exists dialog appears. Click OK to close the Configuration Exists dialog. Return to step 1 and restart creation of a new configuration. 3. A new configuration for the specified name is created and the new empty configuration is opened into the user interface. Opening a Configuration To open an existing configuration: 1. Click on the toolbar (or open the File menu and select Open). The Open Configuration dialog appears. 15

Chapter 4 Configuring Reports with the User Interface 2. Select the name of the configuration you want to open from the list. Click OK. The selected configuration opens in the user interface. Saving a Configuration The user can save the current configuration. When saving the current configuration, the configuration data is saved to the configuration's Configuration Directory. Saving a Configuration As... To save a new configuration for the first time, or to save the current configuration with a new name: 1. open the File menu and select Save as. The Save As Configuration dialog appears. 2. In the text field, specify a name for the configuration. Click OK to save. A new configuration with the specified name is created and the current configuration s data is copied to the new configuration. Removing a Configuration To remove the current configuration, open the File menu and select Remove. The Remove Configuration dialog appears. Click OK to remove the configuration. The current configuration is removed from the user interface and the configuration directory. 16

Defining a Communication Directory Section 4.3 4.3 Defining a Communication Directory The communication directory contains the information needed for your reports, and at least one communication directory location must be defined for a configuration. You can do this during installation, or when you begin using F-Secure Policy Manager Reporting Option. Adding a Communication Directory To add a communication directory: 1. Click Add in the Communication Directory pane. The Choose Communication Directory dialog opens. Browse for the communication directory you want to add to the configuration and click Open (a valid communication directory contains a commdir.cfg file). If an invalid communication directory is selected, the Invalid Communication Directory dialog appears. 2. The Communication Directory Alias dialog appears. Enter a name for the selected communication directory, and click OK to add the new location with the specified name to the current configuration. If the specified name already exists, Communication Directory Name Exists dialog appears. Click OK to return to the Communication Directory name dialog and redo to step 2 making sure not to enter an name that already exists. 3. The new communication directory location with the specified name is added to the current configuration and appears in the Communication Directories list. 17

Chapter 4 Configuring Reports with the User Interface Editing a Communication Directory You can edit an existing F-Secure Policy Manager Server communication directory as follows: 1. Click Edit in the Communication Directories pane. The Choose Communication Directory dialog box appears. Browse for a new communication directory location (A valid communication directory contains a commdir.cfg file). If an invalid F-Secure Policy Manager Server communication directory location is selected, the Invalid Communication Directory dialog appears. Click OK to return to the Communication Directory name dialog and restart editing. 2. The Communication Directory Alias dialog box appears. Edit the name of the selected communication directory location, and click OK. If the specified name already exists, the Communication Directory Name Exists dialog appears. Click OK to return to the Communication Directory name dialog and redo step 2, making sure not to enter an existing name. 18

Configuring a Report Output Directory Section 4.4 3. The edited communication directory and the specified name are changed in the current configuration and appear in the Communication Directories list. When you save the current configuration, they are also written to the fspmrocfg.xml file in the current configuration's configuration directory. Removing a Communication Directory You can remove any F-Secure Policy Manager Server communication directory location with a name that is located in the Communication Directories list. To remove a communication directory location, select the communication directory you want to remove and click Remove. The F-Secure Policy Manager Server communication directory location with that name is removed from the current configuration as well as the Communication Directories list in the F-Secure Policy Manager Server Reporting Option User Interface. When you save the current configuration, the fspmrocfg.xml file is removed from the current configuration's Configuration directory. 4.4 Configuring a Report Output Directory You must specify a report output directory for a report configuration. To do this: 1. Enter the applicable directory path into the Report Output Directory text field, or click to browse for an applicable directory path with the Choose Report Output Directory file chooser dialog. If the specified directory path does not exist, the Create Report Output Directory dialog appears prompting you to create the specified report output directory. Click OK to create the new report output directory. 19

Chapter 4 Configuring Reports with the User Interface If your specified report output directory creation fails, the Report Output Directory Error dialog box appears (as in the example picture below). Click OK (the report output directory will remain unchanged) and return to step 1. 2. The new report output directory is added to the current configuration and appears in the report output directory text field. 4.5 Customizing the Report Template Hierarchy The report template hierarchy contains the report template directories and the report templates themselves that will be used when generating reports. You can customize the report template hierarchy and report templates according to your needs and specifications. Adding a Report Template Directory A report template directory may contain the report templates for a specific type of report (i.e. alert reports). To add a new report template directory to the report template hierarchy: 1. Select (with your mouse) the directory to which you want to add a subdirectory. 2. Click Add Directory in the Report Template hierarchy pane. A directory label editor appears in the report template directory tree. 20

Customizing the Report Template Hierarchy Section 4.5 3. Enter the name of the new report template directory with the label editor and pressing ENTER to accept. The new directory is added to the current configuration and appears in the report template hierarchy tree. Multiple report template directories cannot exist on the same level of the report template hierarchy. Editing a Report Template Directory To edit the name of a report template directory, follow these instructions: 1. Select (with your mouse) the directory you want to edit. 2. Click Edit in the report template hierarchy pane. A directory label editor appears in the report template directory tree. 3. Enter the new name for the report template directory and accepts it by pressing ENTER. Multiple report template directories cannot exist on the same level of the report template hierarchy. Removing a Report Template Directory To remove a report template directory from the report template hierarchy, follow these instructions: 1. Select (with your mouse) the directory you want to remove. 2. Click Remove. The Remove Node dialog appears. 3. Click OK to confirm that you want to remove the selected directory and all of its subdirectories. Adding a Report To add a report to the current configuration, follow these instructions: 1. Select a report template directory. 21

Chapter 4 Configuring Reports with the User Interface 2. Click Add Report. The report template wizard loads. NOTE: If a directory is not selected, nothing will happen when you click Add Report. 3. The Select Type wizard page appears. Select the report type. Domain Report - for reports to be generated from domains only. Host Report - for reports to be generated from hosts only. Click Next to continue. 22

Customizing the Report Template Hierarchy Section 4.5 4. The Select Report wizard page appears. Select the template you want to use. Click Next to continue. TIP: The Info panel on the Select Report wizard page contains information on the report template currently selected in the Report Templates tree. 23

Chapter 4 Configuring Reports with the User Interface 5. The Select domains or hosts wizard page appears. Select the components you want to add to the report to be generated, either domains or hosts depending on which report type you selected. Multiple domain components can be selected by pressing CTRL or SHIFT while making selections. Click Next to continue. 24

Customizing the Report Template Hierarchy Section 4.5 6. The Summary wizard page appears. Check that your selections are correct and click Finish to add the report. The new report is added to the current configuration and appears in the report template hierarchy tree. Editing a Report Editing a report is almost identical to the process of adding a report. To edit a report: 1. Select the report you want to edit and click Edit. 2. The Edit a Report Template wizard appears with the values of the report being edited as default selections. Edit these values as per the instructions 25

Chapter 4 Configuring Reports with the User Interface 3. The Select Type wizard page appears. Select the report type. Domain Report - for reports to be generated from domains only. Host Report - for reports to be generated from hosts only. Click Next to continue. 26

Customizing the Report Template Hierarchy Section 4.5 4. The Select Report wizard page appears. Select the template you want to use. Click Next to continue. TIP: The Info panel on the Select Report Template wizard page contains information on the report template currently selected in the Report Templates tree. 27

Chapter 4 Configuring Reports with the User Interface 5. The select domains or hosts wizard page appears. Select the components you want to add to the report to be generated, either domains or hosts depending on which report type you selected. Multiple domain components can be selected by pressing CTRL or SHIFT while making selections. Click Next to continue. 28

Customizing the Report Template Hierarchy Section 4.5 6. The Summary wizard page appears. Check that your edited selections are correct and click Finish to add the edited report to the current configuration. The edited report is added to the current configuration and appears in the report template hierarchy tree. Deleting a Report Template To remove a report template from the report template hierarchy, follow these instructions: 1. Select the report template you want to remove. 2. Click Remove. 3. The Remove Node dialog box appears, prompting you to confirm removal of the specified report template. To remove the selected report template, click OK. 29

Chapter 4 Configuring Reports with the User Interface The report template is now removed from the report template hierarchy and the configuration. 4.6 Generating Reports After you have defined all the necessary information about the communication directory, Report output directory and report template hierarchy of your current configuration, you can generate the report(s) defined in the report template hierarchy. The current Configuration has to be valid so that reports can be generated. To generate reports for your current configuration: 1. Click (or from the Run menu, select Generate Reports). NOTE: If you have not saved your current configuration, you will be prompted to save the configuration before report generation continues. 2. If you have not specified a browser for viewing reports, you are prompted to do so before report generation continues. If a browser has been specified, this step will be skipped. To select a browser, enter or browse for the browser s directory path, and click OK to continue. 30

Generating Reports Section 4.6 3. The required data for each report template in the report template hierarchy is collected. The Log dialog box appears, displaying all report generation progress information and error messages generated by the report generation process. If you do not want the Log dialog box to appear during future report generations, select Do not show this dialog again. NOTE: The Log dialog box will not close automatically. Once report generation is complete and the viewing browser has opened, click Close. 4. The data is collected from the specified F-Secure Policy Manager Server communication directory/ directories. After generating a report for each report template, the report generation process creates an index.html file to the Report Output Directory of the Configuration. The index.html file contains the report hierarchy under the Report Output Directory. 5. The report generation process launches the specified HTML Browser with the index.html page for viewing the generated report(s). Stopping Report Generation You can stop an ongoing report generation process. Stopping interrupts the report generation process and the report generation process exits. To stop report generation, click (or open the Run menu and select Stop). 31

Chapter 4 Configuring Reports with the User Interface 4.7 Viewing Reports After the report generation process is finished, the specified HTML appears, displaying the index page in the default web browser. To view the reports: 1. Click open the report hierarchy tree and subsequent subtrees. 2. Click on the report you want to view. The generated report data will appear, as shown in the following picture. 32

Viewing Reports Section 4.7 33

Chapter 4 Configuring Reports with the User Interface 34

5. Command Line Report Generation F-Secure Policy Manager Reporting Option can alternatively be used in command line mode. In this mode, report generation can be automated with the use of various scripts. With the help of command line parameters, you can produce the desired information, including XML data, reports, a report index, etc. The F-Secure Policy Manager Reporting Option installation contains the.bat command files needed for the most important procedures. Some of the.bat files do need editing while others operate as is. These command files can be altered and new files can be created to suit your needs. 5.1 Usage F-Secure Policy Manager Reporting Option Usage: runtime/bin/java -Xms16M -Xmx256M com.fsecure.fspmro.launcher [-i/--index ["only"]][-d/--date "dir" "file"] [-x/--xml domain=<name> host=<name> [commdir=<alias>][<file>]] [-c/--config <name>][-r --removeold][-g/--gui] [-v [<file>]][-h/--help] -i --index Index, generate an HTML index page of all generated reports. ["only"] Index only, without a report generation. -d Date info, add a current date information to the report paths. "dir" Dir date, generated reports under current date directory. "file" File date, generated reports are named with current date. -x --xml XML dump, a domain/host data to an XML document. domain=<name> Domain XML, data of the defined domain. host=<name> Host XML, data of the defined host. [commdir=<alias>] Commdir alias, communication directory containing the domain/host. 35

Chapter 5 Command Line Report Generation [<file>] XML output file, when undefined output is stdout. -c --config Report Configuration, generate reports in a configuration. <name> Configuration name. -r --removeold Remove old, clean report directory before report generation. -g --gui Report Configuration GUI, generate report configurations. -v --verbose Verbose, progress information is output to stdout. [<file>] Verbose output to file. -h --help Help, display this help and exit. 5.2 The help.bat Command The help.bat command contains the following command to launch the F-Secure Policy Manager Reporting Option help: start runtime\bin\java -Xms16M -Xmx256M -cp lib\fsa.jar;lib\xml\xerces.jar;lib\xml\xml-apis.jar;lib\xml\logkit.jar; lib\xml\avalon-framework.jar;lib\xml\avalon-excalibur.jar;lib\xml\xalan.jar; lib\xml\cocoon.jar;lib\fspmro.jar;lib\jh.jar;lib\fspmrohelp.jar com.fsecure.fspmro.launcher --help Output will contain the usage information shown in Usage on page 35. NOTE: The command does not fit on a single line in the above examples. However, the command must not contain any line breaks. 5.3 The run.bat Command The run.bat command contains the following command to launch the F-Secure Policy Manager Reporting Option report generation: start runtime\bin\java -Xms16M -Xmx256M -cp lib\fsa.jar;lib\xml\xerces.jar;lib\xml\xml-apis.jar;lib\xml\logkit.jar; lib\xml\avalon-framework.jar;lib\xml\avalon-excalibur.jar;lib\xml\xalan.jar; lib\xml\cocoon.jar;lib\fspmro.jar;lib\jh.jar;lib\fspmrohelp.jar com.fsecure.fspmro.launcher -d file -v -i 36

The run.bat Command Section 5.3 The report generation process searches for an fspmrocfg.xml file (the report configuration file) from the installation directory. This preserves backward compatibility with the earlier versions of F-Secure Policy Manager Reporting Option. The command: Appends the current date information into the names of each report generated. Produces an index.html as the index of reports generated. Produces a verbose information to stdout while generating reports. NOTE: The command does not fit on a single line in the above examples. However, the command must not contain any line breaks. To generate reports defined in a configuration, see The schedule.bat Command on page 38 and other Command sections. 37

Chapter 5 Command Line Report Generation 5.4 The gui.bat Command The gui.bat command contains the following command to launch the F-Secure Policy Manager Reporting Option Configuration user interface (GUI): start runtime\bin\java -Xms16M -Xmx256M -cp lib\fsa.jar;lib\xml\xerces.jar;lib\xml\xml-apis.jar;lib\xml\logkit.jar; lib\xml\avalon-framework.jar;lib\xml\avalon-excalibur.jar;lib\xml\xalan.jar; lib\xml\cocoon.jar;lib\fspmro.jar;lib\jh.jar;lib\fspmrohelp.jar com.fsecure.fspmro.launcher --gui --removeold The command: Launches the F-Secure Policy Manager Reporting Option Configuration GUI. It allows the user to make various report configurations. Enables the option to clean the Report Output Directory before the report generation. NOTE: The command does not fit on a single line in the above examples. However, the command must not contain any line breaks. 5.5 The schedule.bat Command The schedule.bat command contains commands to launch the F-Secure Policy Manager Reporting Option report generation for a desired report configuration or for automatic report generation purposes with scheduling see Chapter 6. Scheduling Report Generation. 38

The dump.bat command Section 5.6 5.6 The dump.bat command The dump.bat command contains the following command to launch the F-Secure Policy Manager Reporting Option to dump the XML data of desired domains or hosts: start runtime\bin\java -Xms16M -Xmx256M -cp lib\fsa.jar;lib\xml\xerces.jar;lib\xml\xml-apis.jar;lib\xml\logkit.jar; lib\xml\avalon-framework.jar;lib\xml\avalon-excalibur.jar;lib\xml\xalan.jar; lib\xml\cocoon.jar;lib\fspmro.jar;lib\jh.jar;lib\fspmrohelp.jar com.fsecure.fspmro.launcher --xml domain=<domain name here> commdir=<commdir_alias here> dump.xml -v The command: Collects the XML data of the defined domain from the defined commdir to the dump.xml file. Note that the domain name and commdir alias must be specified before generating the XML data. Also, the dump.xml file name can be changed. Produces a verbose information to stdout while generating reports. NOTE: Generating XML data of a host the domain=<domain name here> attribute must be replaced with the host=<host name here> attribute. NOTE: The command does not fit on a single line in the above examples. However, the command must not contain any line breaks. 39

Chapter 5 Command Line Report Generation 40

6. Scheduling Report Generation The actual report generation process for a defined configuration can be triggered with the schedule.bat command on a workstation. This command can be run in several ways, automatically or manually. This section describes one alternative, the system scheduler. The schedule.bat command contains the following commands to launch the F-Secure Policy Manager Reporting Option report generation: cd "C:\Program Files\F-Secure\Policy Manager Reporting Option\" runtime/bin/java -Xms16M -Xmx256M -cp lib\fsa.jar;lib\xml\xerces.jar;lib\xml\xml-apis.jar;lib\xml\logkit.jar; lib\xml\avalon-framework.jar;lib\xml\avalon-excalibur.jar;lib\xml\xalan.jar; lib\xml\cocoon.jar;lib\fspmro.jar;lib\jh.jar;lib\fspmrohelp.jar com.fsecure.fspmro.launcher --config "example" NOTE: The command does not fit on a single line in the above examples. However, the command must not contain any line breaks. NOTE: The installation directory path may have to be changed if the installation is done in a location other than the default installation directory. Also note that the configuration name after the --config flag can be changed if the automatic generation of reports of a configuration other than the example is desired. 41

Chapter 6 Scheduling Report Generation 6.1 Using the System Scheduler This section explains how the system scheduler can be used to automate the report generation process. Please note that this section is not intended to be a complete guide to the system scheduler service. It s purpose is to serve as an example as to how these services can be used. The availability and usage of these services may vary in different operating system versions and configurations, so always check the system documentation before planning this kind of updating scheme. The system scheduler can, in most cases, be used to perform the report generation automatically. The following command adds a task to the system scheduler: at 12:00 /every:monday,tuesday,wednesday,thursday,friday "C:\Program Files\F-Secure\Policy Manager Reporting Option\schedule.bat" The at command can also be used remotely to schedule tasks on another computer. In this case, the computer name is included as the first parameter. at \\WORKSTATION1 12:00 /every:monday,tuesday,wednesday,thursday,friday "C:\Program Files\F-Secure\Policy Manager Reporting Option\schedule.bat" The following commands can be used in a batch script to make sure that the same task is not added multiple times: at find "schedule" if errorlevel 1 at 12:00 /every:monday,tuesday,wednesday,thursday,friday "C:\Program Files\F-Secure\Policy Manager Reporting Option\schedule.bat" Some versions of the system scheduler seem to require that the parameters be used in a certain order. The /interactive parameter should be the first parameter after the time. at 12:00 /interactive /every:monday,tuesday,wednesday,thursday,friday "C:\Program Files\F-Secure\Policy Manager Reporting Option\schedule.bat" 42

Using the System Scheduler Section 6.1 Please note the following: The correct path to schedule.bat should be inserted into the above examples. The correct installation directory path should be inserted into schedule.bat. The desired report configuration name should be inserted into schedule.bat. The /every parameter is used to schedule the update every workday. The list can easily be altered to define a different set of weekdays. Only one time can be defined for each task. Several different tasks must be created if several tasks per day are desired. The at command does not fit on a single line in the above examples. However, the command must be entered without any line-breaks. Some versions of the system scheduler seem to require that the name of the executable not contain spaces. This means that programs located under C:\Program Files\... must be referred to using short names as C:\PROGRA~1\... Also note that the extension.bat must be included. Administrative rights are usually needed to add scheduled tasks on Windows NT and 2000 systems. This may prevent adding tasks from the login-script, as this script runs with the end user s privileges. The system scheduler may be missing or may work differently in some versions of Windows. Please check the operating system documentation for more details. Some systems may also provide a scheduler that cannot be configured from the command line. 43

Chapter 6 Scheduling Report Generation 6.2 Scheduling Tasks in Windows In Windows 95/98/ME/NT4.0/2000/XP operating systems, you can schedule tasks using the Scheduled Task Wizard. To schedule a task: 1. Open the Scheduled Task Wizard. The location of the Scheduled Task Wizard depends on your Windows operating system (e.g. in Windows XP, click the Start menu and go to Settings->Control Panel->Scheduled Tasks->Add scheduled task). The Scheduled Task Wizard appears. Click Next to continue. 2. Click Browse. The Select Program to Schedule dialog box appears. Browse for the task you want to schedule and click Open. The wizard proceeds automatically to the next step. 44

Scheduling Tasks in Windows Section 6.2 3. Name the task (Windows offers the name of the scheduled program as a default), and select how often you want to perform this task. After you have made your choices, click Next to continue. 4. Select the time and day you want the task to start. After you have made your choices, click Next to continue. 45

Chapter 6 Scheduling Report Generation 5. Enter a user name and password. Click Next to continue. 6. The Scheduled Task Wizad displays a summary of the task you have scheduled. Click Finish to add this task to your Windows schedule. 46

Appendix A. XSL Templates A-1 Technology The F-Secure Policy Manager Reporting Option uses: Java API for XML Processing (JAXP) http://java.sun.com/xml W3C recommendation for the XSL Transformations (XSLT). http://www.w3.org/tr/xslt W3C recommendation for the XML Path Language (XPath). http://www.w3.org/tr/xpath 47

XSL Templates A-2 XSL Report Template Descriptions XSL Templates for Domain CSV Reports Alert Reports in domains/csv/alert/ Name Description Parameters alert-field-domain -csv.xsl alert-sum1- domain-csv.xsl alert-sum2- domain-csv.xsl Generates a report in CSV format. The report contains information on alerts by listing all alert description fields for alerts of all severities in a domain. Generates a report in CSV format. The report contains the summary information on alerts of every alert severity type in a domain. Generates a report in CSV format. The report contains the summary information of alerts of every alert severity type in a domain, grouped according to each host in the domain. See the separator variable. See the selected_time variable. See the separator variable. See the selected_time variable. See the separator variable. See the selected_time variable. 48

XSL Report Template Descriptions Antivirus Report Templates in domains/csv/av/ Name Description Parameters av-alert-fielddomain-csv.xsl av-alert-sum1- domain-csv.xsl av-alert-sum2- domain-csv.xsl av-db-updatedomain-csv.xsl av-db-domaincsv.xsl Generates a report in CSV format. The report contains information on virus alerts by listing all alert description fields for virus alerts and alerts of Security Alert severity in a domain. Generates a report in CSV format. The report contains the summary information on virus alerts of every alert severity type in a domain. Generates a report in CSV format. The report contains the summary information on virus alerts of every alert severity type in a domain, grouped according to each host in the domain. Generates a report in CSV format. The report contains information on antivirus installed in the host by listing antivirus description fields with a database update date. The report is grouped according to each host in a domain and sorted according to the database update date so that the oldest antivirus database update is the first. Generates a report in CSV format. The report contains information on all antivirus databases installed in the host by listing antivirus database description fields with a database update dates. The report is grouped according to each host in a domain and sorted according to the database update date so that the oldest antivirus databases are first. See the separator variable. See the selected_time variable. See the separator variable. See the selected_time variable. See the separator variable. See the selected_time variable. See the separator variable. See the separator variable. See the selected_time variable. 49

XSL Templates Certificate Report Templates in domains/csv/certificate Name Description Parameters certificate-field1- domain-csv.xsl certificate-field2- domain-csv.xsl certificate-field3- domain-csv.xsl certificate-field4- domain-csv.xsl certificate-sum1- domain-csv.xsl certificate-sum2- domain-csv.xsl Generates a report in CSV format. The report contains information on all VPN+ hosts with certificates in a domain, grouped according to each host in the domain and sorted by after the host name. Generates a report in CSV format. The report contains information on all VPN+ hosts with certificate requests in a domain, grouped according to each host in the domain and sorted after the host name. Generates a report in CSV format. The report contains information on all VPN+ hosts that are unable to send certificate requests in a domain, grouped according to each host in the domain and sorted after the host name. Generates a report in CSV format. The report contains information on all VPN+ hosts without certificates or requests in a domain, grouped according to each host in the domain and sorted after the host name. Generates a report in CSV format. The report contains summary information on all VPN+ hosts with certificates or certificate requests, those that are unable to send certificate requests and those without certificates or requests in a domain. Generates a report in CSV format. The report contains summary information on all VPN+ hosts with certificates or certificate requests, those that are unable to send certificate requests and those without certificates or requests in a domain, grouped according to each host in the domain. See the separator variable. See the separator variable. See the separator variable. See the separator variable. See the separator variable. See the separator variable. 50

XSL Report Template Descriptions Communication Report Templates in domains/csv/communication/ Name Description Parameters Generates a report in CSV format. The report contains information on hosts start time, status update time and policy update time in a domain, grouped according to each host in the domain. See the separator variable. Content Scanner Server Templates in domain/csv/css Name Description Parameters communicationdomain-csv.xsl css-alert-fielddomain-csv.xsl Generates a report in HTML format. The report contains information on security products, product versions and installation platforms installed in a host. See the selected_time variable. See the separator variable. 51

XSL Templates Distributed Firewall Report templates in domains/csv/dfw/ Name Description Parameters dfw-field-domaincsv.xsl dfw-sum1-domaincsv.xsl dfw-sum2-domaincsv.xsl Generates a report in CSV format. The report contains information on Distributed Firewall alerts by listing all dfw alert description fields for dfw alerts in a domain. Generates a report in CSV format. The report contains the summary information on Distributed Firewall alerts of every dfw alert number in a domain, grouped according to each dfw alert number. Generates a report in CSV format. The report contains the summary information on Distributed Firewall alerts of every dfw alert number in the domain, grouped according to each host in a domain. See the separator variable. See the selected_time variable. See the separator variable. See the selected_time variable. See the separator variable. See the selected_time variable. 52

XSL Report Template Descriptions Platform Report Templates in domains/csv/platform/ Name Description Parameters Generates a report in CSV format. The report contains information on the main properties of hosts that have alerts, grouped according to each host in a domain. Generates a report in CSV format. The report contains information on the main properties of hosts, grouped according to each host in a domain. Generates a report in CSV format. The report contains summary information on Operating Systems in a domain. See the separator variable. See the separator variable. See the separator variable. Problematic Report Templates in domains/csv/problematic/ Name Description Parameters platform-alertdomain-csv.xsl platform-fielddomain-csv.xsl platform-sumdomain-csv.xsl problematicdomain-csv.xsl Generates a report in CSV format. The report contains information on all problematic hosts in a domain. A host is considered a problematic host if it has unchecked alerts of Fatal Error severity, unchecked alerts of Security Alert severity, status update older than the defined date, policy update older than the defined date, a installed Anti-Virus database update older than the defined date, or a combination of the previous cases. All problematic hosts in the domain are included into the report and the problematic values are highlighted with red. See the separator variable. See the selected_time_ status_update variable. See the selected_time_ policy_update variable. See the selected_time_ avdb_update variable. 53

XSL Templates Product Report Templates in domains/csv/product/ Name Description Parameters product-fielddomain-csv.xsl product-platformfield-domaincsv.xsl product-platformsum-domaincsv.xsl product-sumdomain-csv.xsl Generates a report in CSV format. The report contains information on security products and product versions installed in a domain, grouped according to each host in the domain. Generates a report in CSV format. The report contains information on security products, product versions and installation platforms installed in a domain, grouped according to each host in the domain. Generates a report in CSV format. The report contains the summary information on security products and installation platforms installed in a domain, grouped according to version and installation platform of each product. Generates a report in CSV format. The report contains the summary information on security products installed in a domain, grouped according to version of each product. See the separator variable. See the separator variable. See the separator variable. See the separator variable. 54

XSL Report Template Descriptions XSL Templates for Domain HTML Reports Alert Report Templates in domains/html/alert/ Name Description Parameters alert-field-domainhtml.xsl alert-sum1-domain -html.xsl alert-sum2-domain -html.xsl Generates a report in HTML format. The report contains information on alerts by listing all alert description fields for alerts of all severities in a domain. Generates a report in HTML format. The report contains the summary information on alerts of every alert severity type in a domain. Generates a report in HTML format. The report contains the summary information of alerts of every alert severity type in a domain, grouped according to each host in the domain. See the selected_time variable. See the selected_time variable. See the selected_time variable. 55

XSL Templates Antivirus Report Templates in domains/html/av/ Name Description Parameters av-alert-fielddomain-html.xsl av-alert-sum1- domain-html.xsl av-alert-sum2- domain-html.xsl av-db-updatedomain-html.xsl av-db-domainhtml.xsl Generates a report in HTML format. The report contains information on virus alerts by listing all alert description fields for virus alerts and alerts of Security Alert severity in a domain. Generates a report in HTML format. The report contains the summary information on virus alerts of every alert severity type in a domain. Generates a report in HTML format. The report contains the summary information on virus alerts of every alert severity type in a domain, grouped according to each host in the domain. Generates a report in HTML format. The report contains information on antivirus installed in the host by listing antivirus description fields with a database update date. The report is grouped according to each host in a domain and sorted according to the database update date so that the oldest antivirus database update is the first. Generates a report in HTML format. The report contains information on all antivirus databases installed in the host by listing antivirus database description fields with a database update dates. The report is grouped according to each host in a domain and sorted according to the database update date so that the oldest antivirus databases are first. See the selected_time variable. See the selected_time variable. See the selected_time variable. See the selected_time variable. 56

XSL Report Template Descriptions Certificate Report Templates in domains/html/certificate/ Name Description Parameters certificate-field1- domain-html.xsl certificate-field2- domain-html.xsl certificate-field3- domain-html.xsl certificate-field4- domain-html.xsl certificate-sum1- domain-html.xsl Generates a report in HTML format. The report contains information on all VPN+ hosts with certificates in a domain, grouped according to each host in the domain and sorted after the host name. Generates a report in HTML format. The report contains information on all VPN+ hosts with certificate requests in a domain, grouped according to each host in the domain and sorted after the host name. Generates a report in HTML format. The report contains information on all VPN+ hosts that are unable to send certificate requests in a domain, grouped according to each host in the domain and sorted after the host name. Generates a report in HTML format. The report contains information on all VPN+ hosts without certificates or requests in a domain, grouped according to each host in the domain and sorted after the host name. Generates a report in HTML format. The report contains summary information on all VPN+ hosts with certificates or certificate requests, those that are unable to send certificate requests and those without certificates or requests in a domain. 57

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback