So you made it this far. Great! Let’s scan your network and publish a patch.
- Configure your Network Appliance Agent.
- Create a Network Appliance Group.
- Run a scan.
- Publish a patch.
Configure the Network Appliance Agent
- Navigate to Scanning -> Remote Scanning Via Agents -> Network Appliance Agents. Then right-click your NAA and choose ‘Edit Configuration’.
- On the ‘Configuration for Network Appliance Agent’ wizard, configure a check-in frequency and set your maximum simultaneous inspections. I’m running 30 simultaneous inspections on my dedicated scanning VM and haven’t noticed a significant amount of load.
Create a Network Appliance Group
- Navigate to Scanning -> Remote Scanning Via Agents -> Network Appliance Groups, then click “New Group”.
- Enter a name for the network group, then select a scan type. I chose scan type 1.
- On the ‘IP Networks’ tab, enter your gateway and netmask, then click “add”.
- On the ‘Agents’ tab, check the box next to your NAA.
- On the ‘Scheduling’ tab, configure your scanning schedule, choose “Scan group as soon as possible”, then click “Save”.
- Your network appliance group should now be included in the list.
Publish a Patch
- Once your scan results come in, navigate to Patch -> Secunia Package System (SPS). Right-click any software program highlighted in blue and choose “Create Update Package”.
- On ‘Step 1 of 4: Package Configuration’, click “Next”.
- My install skips step 2 for some reason. On ‘Step 3 of 4: Applicability Criteria – Paths’ click “Next”.
- On ‘Step 4 of 4: Applicability Criteria – Rules’ click “Publish”.
- Run a WSUS Repository synchronization in SCCM, and create a search folder for the vendor of the application you published a patch for. It should show up and be ready for deployment! Pretty cool!
So that’s the Secunia workflow. Stay tuned for a post on SCCM deployment of CSI host and PSI agents.