HP ProLiant Essentials Vulnerability and Patch Management Pack Planning Guide

HP ProLiant Essentials Vulnerability and Patch Management Pack Planning Guide Product overview... 3 Vulnerability scanning components... 3 Vulnerability fix and patch components... 3 Checklist... 4 Pre-installation planning... 4 Installing the Vulnerability and Patch Management Pack... 5 Configuration... 5 Scanning... 7 Patching... 8 Reporting... 9 Notification... 9 Adding a new target system... 9 Pre-installation planning... 11 Vulnerability and Patch Management Pack architecture... 11 Using an SSL certificate with IIS... 13 Preparing the target environment for Vulnerability and Patch Management Pack access... 14 Using the Vulnerability and Patch Management Pack with other ProLiant Essentials products... 14 Installing the Vulnerability and Patch Management Pack... 15 Installation tips... 15 Installing the VPM Acquisition Utility (optional)... 15 Configuring the Vulnerability and Patch Management Pack... 15 Acquiring patch updates... 15 Vulnerability scanning... 16 Scanning virtual machines... 16 Scanning client systems... 16 Maintaining vulnerability scan results... 16

Patching... 17 Deploying patches... 17 Patching virtual machines... 17 Patching client systems... 17 Setting up notifications... 18 For more information... 19

Product overview Malicious software security threats are becoming more frequent, more sophisticated, and more costly to businesses, draining billions of dollars in productivity, revenue, and corporate credibility each year. The vast majority of attacks, including automated worms, are performed against known vulnerabilities for which a patch or fix is widely known. Gain the upper hand in the war against hackers, worms, and trojan software that exploit software security vulnerabilities, using the HP ProLiant Essentials Vulnerability and Patch Management Pack, the all-in-one vulnerability assessment and patch management tool. The Vulnerability and Patch Management Pack enables you to: Enhance system lifecycle management by incorporating vulnerability assessment and patching as an integral part of the system management process Accelerate resolution of vulnerabilities by reducing the research time to understand the criticality of the vulnerability and the expected behavior for patches and fixes Reduce the risk of security threats by automating the acquisition, scheduling the deployment, and continuously enforcing the persistence (desired state) of patches As a key component of the Adaptive Infrastructure, HP developed the Vulnerability and Patch Management Pack to automate and simplify the scanning and patching of security updates over your network. The implementation of the Vulnerability and Patch Management Pack significantly reduces IT security concerns and costs associated with managing security in your environment. Use the information in this document to simplify the process when integrating these tools into a current IT infrastructure. To quickly get started scanning and patching, it is important to: Comprehend the technology required for the Vulnerability and Patch Management Pack Understand how the technology impacts the existing infrastructure Visualize examples of the technology at work Vulnerability scanning components The Vulnerability and Patch Management Pack utilizes Harris STAT Scanner, the only Common Criteria Certified scanner. STAT Scanner identifies and provides advice to resolve reported vulnerabilities. Vulnerability fix and patch components Vulnerability fix component The Vulnerability and Patch Management Pack utilizes HP OpenView patch management using Radia technology to deploy patches and configuration fixes. Patch repository The Vulnerability and Patch Management Pack repository contains all of the patches that have downloaded. Patch acquisition The Vulnerability and Patch Management Pack provides an acquisition utility that connects to the selected vendor website, downloads patch information and patch files, and places this information in the Vulnerability and Patch Management Pack database. Patch agent The VPM Patch Agent is automatically deployed when target systems are licensed to allow patches to be applied to the systems. 3

Checklist See the following checklist to install and use the Vulnerability and Patch Management Pack. Additional information about the procedures in this checklist is included later in this document, in the HP ProLiant Essentials Vulnerability and Patch Management Pack User Guide, and in the HP Systems Insight Manager Installation and User Guide. Be sure to have this documentation available when completing the procedures in this checklist. If you encounter any issues while performing the tasks in this checklist, see the Troubleshooting appendix in the user guide or to the release notes. Pre-installation planning 1. Ensure that all Vulnerability and Patch Management Pack requirements have been met. See the Requirements chapter in the user guide. 2. Determine the appropriate Vulnerability and Patch Management Pack infrastructure for your server environment. See the Vulnerability and Patch Management Pack architecture section in this guide. 3. If you choose to switch databases during an upgrade to use an existing Microsoft SQL Server database, patch data from the previous database is not migrated. A full patch acquisition must be performed to repopulate the patch repository. See the Installation and configuration chapter in the user guide for instructions. 4. Determine if you will use Microsoft Internet Information Services (IIS) Certificate Services. If so, see the Using an SSL certificate with IIS section in this guide. 5. Determine how VPM patch updates will be acquired, from either the VPM server or using the VPM Acquisition Utility. See the Acquiring patch updates section in this guide. 6. Be sure that the target operating system is identified correctly in HP Systems Insight Manager (HP SIM). To ensure that target systems can be properly identified in HP SIM: o For ProLiant systems, install HP Management Agents. o For third-party systems running Microsoft Windows, configure for Windows Management Instrumentation (WMI) access. o For third-party systems running Linux, install and configure SNMP. See the Preparing the target environment for Vulnerability and Patch Management Pack access section in this guide. 7. If you already have other ProLiant Essentials products installed, see the Using the Vulnerability and Patch Management Pack with other ProLiant Essentials products section in this guide. 8. Configure the following to ensure that the Vulnerability and Patch Management Pack has appropriate accessibility to function properly: o Your proxy server and firewall must allow both FTP and HTTP access. o The appropriate ports are must be open. See the Troubleshooting appendix in the user guide for details. 4

9. Optionally, sign up for e-mail notifications of vulnerability definition updates or Vulnerability and Patch Management Pack updates at http://www.hp.com/go/swupdate. 10. Determine the appropriate time and frequency to perform scans and deploy patches, and the number of systems to include in each scan based on your needs. See the Vulnerability scanning and Patching sections in this guide for information. Installing the Vulnerability and Patch Management Pack 1. Install the Vulnerability and Patch Management Pack from the HP installation media or the Vulnerability and Patch Management Pack download website. See the Installation and configuration chapter in the user guide for instructions. 2. Optionally, if the VPM Acquisition Utility will be used to obtain patch updates, install the VPM Acquisition Utility. See the Installation and configuration chapter in the user guide for instructions. Configuration 1. Access the HP SIM console. See the HP Systems Insight Manager Installation and User Guide for information about accessing and using HP SIM. 2. Perform a discovery to locate and identify target systems in the network that can be used with the Vulnerability and Patch Management Pack. See the HP Systems Insight Manager Installation and User Guide. 3. Configure the default Web Based Enterprise Management (WBEM) settings of each target system with credentials that allow privileged access for scanning and patching. o Select Options>Protocol Settings and either Global Protocol Settings or System Protocol Settings from the HP SIM toolbar. o Verify that the Enable WBEM checkbox is selected. o VPM uses the Default WBEM settings differently for each operating system. In the Default 1 field, enter Windows account credentials with administrator privileges. o In the Default 2 field, enter Linux account credentials with administrator privileges. o To configure individual node settings on a per-node basis, credentials are only required in the first field. See the Installation and configuration chapter in the user guide. WBEM settings might be effected by: o The global protocol settings o The individual target system protocol settings o The manual discovery protocol settings 5

4. Verify that operating system and hardware information for target systems is displayed correctly in HP SIM. If this information is not displayed correctly, verify that the HP Management Agents are installed and configured correctly, and then perform another discovery. Alternately, the operating system and hardware information can be manually updated in HP SIM. 5. Configure your Vulnerability and Patch Management Pack settings. See the Installation and configuration chapter in the user guide. 6. Determine which operating systems you will be patching so that appropriate patch updates can be acquired. 7. If Red Hat patches will be applied, verify the Red Hat library, compat-libstdc++, is installed on the Red Hat target systems. 8. If Red Hat patch acquisitions will be run from VPM or the VPM Acquisition Utility, configure Red Hat Enterprise Linux acquisition settings. See the Installation and configuration chapter in the user guide. 9. Optionally, if the VPM Acquisition Utility will be used, configure the utility with the appropriate patch source, directory structure, and proxy information. See the Acquiring patch updates section in this guide. 10. Acquire the latest Vulnerability and Patch Management Pack updates. Progress of the acquisition can be monitored at C:\Program Files\HP\VPM\Radia\IntegrationServers\ logs\patch-acquire.log. See the Installation and configuration chapter in the user guide. 11. Determine the time and frequency to perform regular patch acquisitions to ensure that the Vulnerability and Patch Management Pack is always up to date with the latest security information. See the Acquiring patch updates section in this guide. 12. Apply VPM licenses to servers and client systems that will be used with VPM. See the Licensing chapter in the user guide. 6

Scanning 1. Determine what types of Vulnerability and Patch Management Pack provided scans you will use to scan licensed target systems in your environment. See the Vulnerability and Patch Management Pack provided scan definitions appendix in the user guide for information about provided scans. 2. Optionally, use the provided scans to create new scan definitions customized for your particular needs. See the Vulnerability scanning chapter in the user guide for instructions. o If you will be scanning virtual machines, see the Scanning virtual machines section in this guide. o If you will be scanning client systems, see the Scanning client systems section in this guide. 3. Determine the appropriate time and frequency to perform scans and the number of systems to include in each scan based on your needs. See the Vulnerability scanning section in this guide for information. 4. Perform a vulnerability scan by selecting Diagnose>Vulnerability and Patch Management>Scan>Scan for Vulnerabilities from the HP SIM toolbar. For additional instructions, see the Vulnerability scanning chapter in the user guide. 5. Review the scan reports. To access scan reports either: o Access from the VPM scan completion event in the HP SIM events list. o From the HP SIM toolbar, select Diagnose>Vulnerability and Patch Management>Scan. View the scan report either by the scan name or by system. o Click the VPM status icon in the system list in HP SIM. NOTE: You must have Adobe Reader 3.x or later installed to view scan reports. 6. Optionally, maintain your scan reports. See the Maintaining vulnerability scan results section in this guide. o Back up your scan reports and patch entitlement data regularly to preserve scan and patch history. This data is located at C:\Program Files\HP\Systems Insight Manager\hpwebadmin\webapps\ROOT\ mxportal\home\statscanner. o Delete scan reports as necessary to free space. 7

Patching 1. Determine which patches to install by reviewing the scan results. o Determine criticality of the patches to decide if patches must be deployed promptly or if deployment can wait for the next available maintenance window. o o Vulnerability scans might indicate the need for a particular patch when a superseding patch has already been applied. The indicated patch will be ignored during patch deployment and listed as not applicable in the patch completion event. Scan results might list vulnerabilities with no checkbox. This condition indicates that a manual configuration fix is required to correct the vulnerability. Details to perform the manual fix are listed in the vulnerability scan results. 2. Some patches might have adverse effects on your applications. Always test patches before deploying them in a production environment to ensure that there are no negative effects. 3. If patches requiring the target system to be rebooted have been applied, and reboots were deferred, verify the reboot status by selecting Diagnose>Vulnerability and Patch Management>View Patch Reboot Status. Reboot systems as indicated at an appropriate time. NOTE: Do not enable the accept/reject reboot option for servers. 4. Deploy patches and configuration fixes after a vulnerability scan has been completed by selecting Deploy>Vulnerability and Patch Management. See the Deploying patches and fixes chapter in the user guide. Alternatively, you can deploy patches without first performing vulnerability scans. o If you will be patching virtual machines, see the Patching virtual machines section in this guide. o If you will be patching client systems, see the Patching client systems section in this guide. 5. Validate the patches installed on target systems. o View the VPM patch completion event in the HP SIM events list to verify that the patch was applied. If the patch completion event does not exist, be sure the VPM Patch Agent is installed on the target system. Validate this from the HP SIM events list or from the target system. o Schedule a regular patch validation task to automatically verify that patches are appropriately installed on target systems. o View the installed patches for a specific system by selecting Diagnose> Vulnerability and Patch Management>View Patch Installation Status>View Patches Installed by VPM. 8

Reporting View consolidated reports showing patch installation status for all systems managed by the Vulnerability and Patch Management Pack. You can view reports by systems or patches. A search filter is also available to view the status of a particular patch on a particular system. o To view patch reports by patch, select Diagnose>Vulnerability and Patch Management>View Patch Installation Status>View by Patch. o o To view patch reports by system, select Diagnose>Vulnerability and Patch Management>View Patch Installation Status>View by System. To view patch reports using a search filter, Diagnose>Vulnerability and Patch Management>View Patch Installation Status>View by Search Filter. See the Viewing patch installation status section in the user guide. Notification Optionally, configure HP SIM notification settings to alert you when designated Vulnerability and Patch Management Pack events occur. See the Setting up notifications section in this guide for information about setting up notifications. Adding a new target system 1. Configure global WBEM server credentials for the user account. Enter Windows account credentials with administrator privileges in the Default 1 field and Linux account credentials with administrator privileges in the Default 2 field. To configure individual node settings on a per-node basis, credentials are only required in the first field. See the Installation and configuration chapter in the user guide. NOTE: If the account is in a domain different from the target system, append the domain name to the user name. 2. Be sure that the target system operating system is identified correctly in HP SIM. o For ProLiant systems, install the HP Management Agents. o o For third-party systems running Windows, configure for WMI access. For third-party systems running Linux, install and configure SNMP. See the Preparing the target environment for Vulnerability and Patch Management Pack access section in this guide. 3. Apply Vulnerability and Patch Management Pack licenses to servers and client systems that will be used with the Vulnerability and Patch Management Pack. See the Licensing chapter in the user guide. 4. Optionally, add new systems to scheduled vulnerability scans and validation tasks. See the HP Systems Insight Manager Installation and User Guide. 9

5. Ensure that the VPM Patch Agent is installed on the target system before patching. The VPM Patch Agent is automatically installed when a system is licensed. Agent installation can be verified by viewing the HP SIM events list or the services running on the target system. 6. If Red Hat patches will be applied, verify the Red Hat library, compat-libstdc++, is installed on the Red Hat target systems. 10

Pre-installation planning Vulnerability and Patch Management Pack architecture Determine the appropriate Vulnerability and Patch Management Pack infrastructure for your server environment. Shared configuration Installing HP SIM and the Vulnerability and Patch Management Pack on a single server greatly simplifies the security configuration by keeping all components on a single host, eliminating any system requests and responses over the open network. Credential coordination, although necessary between applications, does not have to extend beyond the boundaries of the single hosting system. Figure 1. A single-node configuration Figure 2. A single-node configuration with the VPM Acquisition Utility The Vulnerability and Patch Management Pack provides an optional acquisition utility that connects to the selected vendor website and downloads patch information and patch files. This information can then be imported to the VPM server in the Vulnerability and Patch Management Pack database. Acquisitions can be run either from the VPM server in situations when the VPM server has direct access to the Internet or using the VPM Acquisition Utility installed on another system. 11

If you do not have the server capacity to operate and maintain both the HP SIM and Vulnerability and Patch Management Pack applications on a single server or if it is necessary for the VPM server to be located in the demilitarized zone (DMZ) so it has Internet accessibility, you can split these applications by migrating to a distributed server configuration. Distributed configuration When HP SIM and the Vulnerability and Patch Management Pack create too great of a load for a single system or when it is necessary for the VPM server to be in the DMZ to access patches and updates from the Internet, each component can be installed on separate systems, with the vulnerability scanning and patching functions relegated to a second host system. In this distributed configuration, additional security settings should be established and synchronized across applications before their installation. See the HP ProLiant Essentials Vulnerability and Patch Management Pack Server Security Recommendations white paper at http://www.hp.com/go/vpm for additional information about Vulnerability and Patch Management Pack security. Figure 3. A distributed configuration across two systems 12

Figure 4. A distributed configuration across three systems with the VPM Acquisition Utility As in a single-node configuration, the optional VPM Acquisition Utility can be installed and configured on a separate system. The utility connects to the selected vendor website and downloads patch information and patch files. This information can then be imported to the VPM server in the Vulnerability and Patch Management Pack database. Acquisitions can be run either from the VPM server in situations when the VPM server has direct access to the Internet or using the VPM Acquisition Utility installed on another system. Distributed configuration with a separate database In this configuration, the HP SIM database is installed on a separate server than both HP SIM and the Vulnerability and Patch Management Pack. This configuration is supported for use with the Vulnerability and Patch Management Pack. See the HP Systems Insight Manager Installation and User Guide for information about and requirements for this configuration. Using an SSL certificate with IIS An SSL certificate can be used with IIS to provide additional security when using a distributed configuration. To use IIS Certificate Services with the Vulnerability and Patch Management Pack: Enable the HP SIM Trust by SSL certificate option. In a distributed configuration, an extra level of access control can be enabled in HP SIM to allow connections only from certain systems, depending on the acquisition and deployment of SSL certificates. For more information, see Understanding HP Systems Insight Manager Security in the HP SIM Information Library at http://www.hp.com/go/hpsim. Install the VPM server SSL certificate. In the distributed environment, requests for Vulnerability and Patch Management Pack actions from HP SIM should be protected with an HTTPS link. Ensure that the HTTPS link is established by placing an SSL certificate in the IIS Web service certificate store. For more information about IIS Certificate Services, see either of the following sources: http://msdn.microsoft.com/library/default.asp?url=/library/en-s/secmod/html/secmod30.asp http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/ maintain/featusability/c06iis.mspx 13

Preparing the target environment for Vulnerability and Patch Management Pack access HP ProLiant target servers To set up HP ProLiant target servers for Vulnerability and Patch Management Pack access: 1. Install the HP Server Management Agents from the latest HP ProLiant Support Pack available at http://h18023.www1.hp.com/support/files/server/us/index.html. 2. On a Windows server: Verify that a valid SNMP read community string exists. Install and configure WMI for HP SIM WBEM/WMI Mapper access. 3. On a Linux server, verify that a valid SNMP configuration exists. HP desktop and notebook target systems 1. Install the HP Client Management Agents from the latest HP ProLiant Support Pack, available at http://h18023.www1.hp.com/support/files/server/us/index.html. 2. Install and configure WMI for HP SIM WBEM/WMI Mapper access. 3. Install any necessary management drivers. 4. Optionally, install Desktop Management Interface (DMI) for additional discovery and identification purposes. Third-party target servers 1. Install third-party server manageability agents. 2. Install and configure WMI for HP SIM WBEM/WMI Mapper access. 3. For Linux servers, verify that a valid SNMP configuration exists. 4. Verify that HP SIM has a System Type Manager (STM) discovery and identification rule for this brand of system. Third-party desktop target systems 1. Install third-party client manageability agents. 2. Install and configure WMI for HP SIM WBEM/WMI Mapper access. 3. Install any necessary management drivers. 4. Optionally, install DMI for additional discovery and identification purposes. 5. Verify that HP SIM has an STM discovery and identification rule for this brand of system. Using the Vulnerability and Patch Management Pack with other ProLiant Essentials products For information and guidelines about installing the Vulnerability and Patch Management Pack with other HP ProLiant Essentials software products, see the following documentation: The HP ProLiant Essentials Software Evaluation Guide located at ftp://ftp.compaq.com/pub/products/servers/proliantessentials/essentialsevaluationguide.pdf. The HP ProLiant Essentials Management Software Installation and Configuration Guide located in the HP SIM Information Library at http://www.hp.com/go/hpsim. Ensure that you have the latest versions of software installed, including any available service pack updates. To check for available software updates, visit the product websites, accessible from http://www.hp.com/servers/proliantessentials. 14

Installing the Vulnerability and Patch Management Pack Installation tips Because of the lack of throughput, HP recommends not installing the Vulnerability and Patch Management Pack on a virtual machine guest. Exercise care when installing the Vulnerability and Patch Management Pack components on systems with other large management applications, such as: Microsoft Operations Manager (MOM) Computer Associates (CA) Unicenter Tivoli TME Exercise care when installing the Vulnerability and Patch Management Pack with other applications that use IIS. HP recommends not installing the Vulnerability and Patch Management Pack on Active Directory servers, domain servers, or DNS servers. Network configuration must allow bi-directional access between the VPM server and target systems. The Vulnerability and Patch Management Pack relies heavily on a correctly configured network infrastructure, including unique names and addresses and valid routes. Installing the VPM Acquisition Utility (optional) The VPM Acquisition Utility is used to download updates and patches from a separate system that can reach operating system vendor websites and acquire patches from the Internet. This utility can be used when the VPM server does not have direct access to the Internet. To install and configure the VPM Acquisition Utility, see the Installation and configuration chapter in the user guide. Configuring the Vulnerability and Patch Management Pack Acquiring patch updates The Vulnerability and Patch Management Pack provides an acquisition utility that connects to the selected vendor website, downloads patch information and patch files, and places this information in the Vulnerability and Patch Management Pack database. Acquisitions can be run either from the VPM server in situations when the VPM server has direct access to the Internet or using the VPM Acquisition Utility installed on another system. The VPM Acquisition Utility can be installed on any system with Internet access to acquire vulnerability and patch updates. No other Vulnerability and Patch Management Pack components or database software is required to be installed on the system to download vulnerability and patch updates. To install and configure the VPM Acquisition Utility, see the Installation and configuration chapter in the user guide. After the Vulnerability and Patch Management Pack is installed for the first time, complete a patch acquisition to update the information in the Vulnerability and Patch Management Pack database. Also, perform patch acquisitions on a regular basis to obtain new vulnerability scan definitions and patches, ensuring that the Vulnerability and Patch Management Pack is always up to date with the latest security information. 15

Vulnerability scanning Scanning virtual machines Virtual machines can be scanned and patched using the Vulnerability and Patch Management Pack. However, extra time might be required, and there is no coordination when the virtual hosts and virtual machines are patched and rebooted, when necessary. HP recommends monitoring your virtual environment when applying patches. Scanning client systems Vulnerability scans and patch deployments complete at a much faster rate on client systems than when performed on servers or virtual machines. In normal circumstances, Vulnerability and Patch Management Pack tasks can be performed on many client systems at once without causing bandwidth issues. Maintaining vulnerability scan results Vulnerability scan report data is located at C:\Program Files\HP\Systems Insight Manager\ hpwebadmin\webapps\root\mxportal\home\statscanner. Back up your scan reports and patch entitlement data regularly to preserve scan and patch history. Based on your individual needs and disk drive availability, determine how long you will retain your scan reports. When scan reports are no longer needed, they can be deleted by selecting Diagnose>Vulnerability and Patch Management>Scan and selecting either View Results by Scan Name or View Results by System from the HP SIM toolbar. Vulnerability and Patch Management Pack scan results can be deleted for a specified scan or an individual system. NOTE: Removing scan results will break the links to the results in the events list and the systems list. Run another scan to create new results for the system. 16

Patching Deploying patches When a patch deployment is selected for a group of systems, such as a patch deployment based on a vulnerability scan, the patch might not be applicable for all systems included in the scan. Also, some patches selected might be missing components or updates in the VPM patch repository. These patches are applied as applicable, but a failure message is logged for targets for which the patch is not applicable or incomplete. Review the patch information from the vendor for details about affected products to determine what patches are applicable, and verify that the patch has been acquired from the patch acquisition log to determine the cause when a patch cannot be deployed. Required reboots after a patching session can be deferred to coincide with an available maintenance window. In addition, reboots can be optionally configured to display an accept or reject prompt at each console before rebooting. HP recommends performing required reboots as soon as possible because the status of patched systems might be unstable when a required reboot is deferred. Applying additional patches or installing other software before a required reboot has been performed can cause system issues. Patching virtual machines Virtual machines can be scanned and patched using the Vulnerability and Patch Management Pack. However, extra time might be required and there is no coordination when the virtual hosts and virtual machines are patched and rebooted, when necessary. HP recommends monitoring your virtual environment when applying patches. Patching client systems Vulnerability scans and patch deployments complete at a much faster rate on client systems than when performed on servers or virtual machines. In normal circumstances, Vulnerability and Patch Management Pack tasks can be performed on many client systems at once without causing bandwidth issues. 17

Setting up notifications HP SIM enables you to configure e-mail or pager notifications to alert designated users when specified events occur in HP SIM. Understand the notification methods. You will receive much more detailed information if you receive e-mail notifications rather than pager notifications. All Vulnerability and Patch Management Pack events are listed in detail in the Vulnerability and Patch Management Pack event appendix in the user guide. Carefully consider your needs to determine how frequently and for which specific events you want to receive notification. For example, settings can be configured based on the following criteria: Scan completion events Statistics can be sent for each individual node included in a vulnerability scan, or a single notification can be sent after the vulnerability scan event has entirely completed, including statistics for all of the nodes included in the scan. Event severity Notifications can be sent based on the success or failure of events, such as when a patch deployment event has failed. Patch completion events Statistics can be sent for each individual node included in a patch deployment, or a single notification can be sent after the patch deployment event has entirely completed including statistics for all of the nodes included in the deployment. Generally, you will want to configure notifications only when a patch deployment has failed. Acquisition events Notifications can be sent when updated vulnerability definitions or STAT scan data has been acquired. To configure notification settings in HP SIM: 1. Select Options>Events>Automatic Event Handling. 2. Select E-mail Setting to specify settings for sending e-mail notifications, or select Modem Settings to specify settings for sending pager notifications. 3. Select Options>Events>Automatic Event Handling>Manage Tasks to add or edit an automatic event-handling task. 4. Click New to configure a new event-handling task, or click Edit to revise an existing task. 5. Complete the wizard screens, designating what specific events will trigger alerts and what notification method to use. 6. Click Finish to save changes. 18

For more information For more information about the Vulnerability and Patch Management Pack, see: http://www.hp.com/go/vpm HP ProLiant Essentials Vulnerability and Patch Management Pack User Guide HP ProLiant Essentials Vulnerability and Patch Management Pack Quick Setup Poster HP ProLiant Essentials Vulnerability and Patch Management Pack Support Matrix HP ProLiant Essentials Vulnerability and Patch Management Pack Release Notes For more information about HP Systems Insight Manager, see: http://www.hp.com/go/hpsim HP Systems Insight Manager Installation and User Guide HP Systems Insight Manager Help Guide To help ease the implementation of your new vulnerability scanning and patching solution, HP Global Services is available for consultation. Collaborating with leading technology providers to deploy and support state-of-the-art infrastructure solutions, HP Global Services have proven capabilities to help you extend your network infrastructure. For more information about HP Global Services, see the following website at www.hp.com/services. 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Adobe is a trademark of Adobe Systems Incorporated. Microsoft and Windows are U.S. registered trademarks of Microsoft Corporation. Linux is a U.S. registered trademark of Linux Torvalds. STAT is a registered trademark of Harris Corporation. 4AA0-0906ENUS, August 2006