3.0.01: Service Pack 1

This section contains an overview of the enhancements in version 3.0.01 of TrueSight Vulnerability Management.


Creating exceptions on vulnerabilities and assets

In version 3.0.01, you can add exceptions on vulnerabilities and assets to exclude assets from remediation in scenarios such as the following:

  • You do not want certain vulnerabilities in your system to affect a set of assets because you plan to decommission those assets in the near future.
  • You do not want certain vulnerabilities in your system to affect a set of assets for a particular duration and remediate those assets during the maintenance window.

You can choose to add an exception on the basis of asset names or tags. After you add an exception, those assets are no longer affected by the selected vulnerabilities. You can add exceptions manually or import them. Later, you can enable, disable, or delete them depending on your requirements. For more information, see Managing exceptions.

The exceptions in your environment affect the statistics on the Operator Dashboard and Security Dashboard.

Mapping vulnerabilities for all imported security groups (Applicable for TrueSight Server Automation and TrueSight Network Automation)

In version 3.0, when a TrueSight Vulnerability Management user belonging to any security group performs mapping, vulnerabilities with CVE IDs under the security group context of the logged in user are auto-mapped and notification is shown to the user on the Activity Status page.

In version 3.0.01, vulnerabilities with CVE IDs under all imported security groups irrespective of the user (aligned to endpoint managers) are also mapped depending upon the following factors:

  • Whether a security group has permission to access the remediation content
  • Value of a property in the application.properties file

For more information, see Mapping vulnerabilities to remediation content.

Associating tags with a combination of vulnerability and asset

Earlier, you could associate a tag only with an asset. Now, you can associate a tag with a combination of vulnerability and asset as well. For more information, see Managing tags for vulnerabilities and assets


Filtering scan files by IP address range

When importing scan files from third-party vendors, you can filter the scan files by the IP address range. You can specify a single IP address range or multiple ranges as the filter criterion. For more information, see Importing scan files.


New system service to start deployment types on system startup and to start and stop all deployment types

Starting from version 3.0.01, TrueSight Server Automation installs a new system service on the application, Elasticsearch, and database nodes. On system startup, this system service starts the services for these deployment types automatically. 

In addition, you can use this system service to start and stop all of these deployment types using a single command. For example, if application and database are installed on the same computer, you can use this service to start and stop both of these deployment types using a single command. If application, Elasticsearch, and database are deployed on separate computers, this service identifies the deployment type installed and starts and stops the services for that deployment type. For more information, see Using the system service.

Requirements for integrating with endpoint managers and other BMC products

This section lists the requirements for the endpoint managers and other BMC products that TrueSight Server Automation integrates with.

Endpoint manager requirements


When connecting TrueSight Vulnerability Management version 3.0.01 to TrueSight Server Automation, TrueSight Network Automation, or SCCM, the following versions of endpoint managers are supported:

Endpoint managerSupported versions
TrueSight Server Automation
(Formerly known as BMC Server Automation)

8.9.04 
8.9.03
 
8.9.02

TrueSight Network Automation
(Formerly known as BMC Network Automation)

8.9.04
8.9.03

8.9.02

SCCMMicrosoft System Center 2017 Configuration Manager
  • Console version 5.0.8498.1700
  • Site version 5.0.8498.1000
  • Microsoft System Center 2016 Configuration Manager
    • Console version 5.0.8412.1313
    • Site version 5.0.8412.1000
  • Microsoft System Center 2012 Configuration Manager SP2
    • Console version 5.0.8239.1000
    • Site version 5.0.8239.1000
  • All supported versions of SCCM have the following additional requirements:

Compatibility with other BMC products

Some features of TrueSight Vulnerability Management version 3.0.01 work in conjunction with other BMC products and versions, as listed in the following table:

ProductVersion
BMC Discovery11.3
TrueSight Orchestration Platform (formerly known as BMC Orchestrator Platform)8.1
8.0
7.9
TrueSight Orchestration Content (formerly known as BMC Orchestrator Content)20.18.01
20.16.03
BMC Remedy ITSM9.1.03
8.1 SP2

Downloading, installing, and upgrading to the service pack

For download instructions, see Downloading the installation files. For installation instructions, see Installing.

You can upgrade to the version 3.0.01 from version 3.0. For more information, see Upgrading.

Related topics

Known and corrected issues

Release notes and notices

Was this page helpful? Yes No Submitting... Thank you

Comments