TrueSight Automation Console integrates with TrueSight Server Automation to identify, analyze, and remediate missing patches, vulnerabilities, and compliance violations in your environment.
IT operators and administrators use Automation Console to automate the patch, vulnerability, and compliance management process for Windows and Linux servers. Using Automation Console, operators can create operations for performing jobs in TrueSight Server Automation.
Organizations spend significant time and effort in monitoring a network of servers to keep track of the patches installed and configured on the servers, also known as assets. With application vendors releasing patches periodically, an organization invests a considerable amount of time in obtaining the released patches, evaluating the impact, identifying gaps, and eventually installing these patches. Most security breaches occur due to known but unpatched vulnerabilities. Typically, a patch administrator analyzes individual servers to determine the patches to be acquired and installed to comply with the organizational policies. This process involves significant time and manual effort.
Using Automation Console, an administrator imports patch catalogs from TrueSight Server Automation. These catalogs store patch metadata released by the vendors. An IT operator creates a patch policy based on a catalog, which runs a patching job in Server Automation. This job scans the assets according to the policy settings and identifies missing patches on assets. Operators can then create an operation to install missing patches, restart the assets, and send notifications after the operation is complete. Patch management is for the TrueSight Orchestration endpoint manager only.The end-to-end patch management process of identifying missing patches and installing them on the assets is done automatically by integrating seamlessly with TrueSight Server Automation. For more information about the TrueSight Server Automation patch management process, see .
Automation Console helps you maintain the integrity of enterprise computing by analyzing and remediating vulnerabilities across your environment. By establishing a connection with the endpoint manager, such as TrueSight Server Automation and TrueSight Network Automation, Automation Console enables you to remediate vulnerabilities on the assets such as servers ( in Server Automation) or network devices (in Network Automation) in your environment.
For managing vulnerabilities on network devices, your Automation Console version must be 21.02 enhancements.
If you use scanning systems such as Qualys, Rapid7, and Nessus, you can import a vulnerability scan file with assets and vulnerability data in Automation Console. After a successful import, the application automatically maps assets to endpoints in the endpoint manager, and maps vulnerabilities to the remediation content required to resolve the vulnerabilities. The most common types of remediation content are patches, NSH scripts, and packages. Operators can also map assets and vulnerabilities manually.
For the TrueSight Orchestration endpoint manager, you can automate the process of exporting scan files from Nessus and importing them into Automation Console by integrating with TrueSight Orchestration.
Operators can create operations that perform actions on assets to remediate vulnerabilities. For the TrueSight Orchestration servers,integrate with BMC Remedy IT Service Management (ITSM) to create change requests and implement an approval process. Administrators can also create exceptions for vulnerabilities to exclude specified vulnerabilities from remediation.
For more information about importing scans, mapping assets and vulnerabilities, managing exceptions, and performing remediation operations, see Using.
Automation Console provides role-based access to the application. Users access Automation Console based on the role assigned to them in TrueSight Server Automation. For details, see User roles and permissions.
Compliance is the process of determining whether the systems in your environment meet a specific standard. That standard might be a regulatory standard, such as DISA or SOX, or some type of internal standard defined by an organization.
You can now create a compliance scan policy in Automation Console, which scans the specified assets, and displays the compliance posture of the assets (which shows a percentage of compliant, non-compliant, and indeterminate assets) on the Risks > Compliance page. After identifying compliance violations on the scanned assets, you can create remediation operations to resolve the violated rules and make the assets compliant.
A new Compliance Dashboard shows the compliance posture, non-compliant assets by risk score, SLA, assets by stages of compliance, and other such metrics about the compliance evaluations on the assets in your environment. Compliance management is for the TrueSight Orchestration endpoint manager only.For more information about creating compliance scan policies, identifying assets with non-compliant violations, and remediation operations, see Using.