×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Unsupported content

 

This version of the product has reached end of support. The documentation is available for your convenience. However, you must be logged in to access it. You will not be able to leave comments.
TrueSight Vulnerability Management 3.1 Planning

Recommendations for adopting TrueSight Vulnerability Management

This topic provides recommendations for adopting TrueSight Vulnerability Management:

Security recommendations

For controlling access to the TrueSight Vulnerability Management user interface and its underlying objects and operations, you can use existing RBAC controls in endpoint managers. RBAC defines users and roles and the access they have to managed objects (known as "targets" in TrueSight Vulnerability Management). RBAC defines what actions users can perform on targets. BMC recommends creating a security group for each role that requires access to TrueSight Vulnerability Management. If you have users that understand the roles to which they are assigned and the actions those roles can perform, you can assign a name to each security group that aligns with its corresponding role in endpoint managers.

Operations and capabilities of your operators

As you adopt TrueSight Vulnerability Management, take some time to discover exactly how functionality is exposed to end users and consider whether it may be beneficial to review your current working practices. TrueSight Vulnerability Management provides a simple user interface that allows operators to create operations, but which  requires users to set targets and job properties. For more information, see Creating a Remediation operation.

Simplifying the operator's job in TrueSight Server Automation

Administrators can take the following actions to simplify the end-user experience in TrueSight Vulnerability Management.

Naming for underlying content and jobs

Although it is possible for TrueSight Vulnerability Management operators to use the interface to investigate what a job or piece of content does, it is easier for the operator if the description of the job or content makes the purpose clear. When naming content and the folder structures that hold content in TrueSight Server Automation, adopt descriptive naming schemes and conventions that make it easy for your operators to search for and identify what they need.

Setting default folders for operators

Operators typically have a task to perform and do not want to be confused by unnecessary steps or terminology.  Administrators can shield end users from some complexity by setting up default folders and directories where the TrueSight Vulnerability Management creates content inside TrueSight Server Automation (for example, new jobs or depot items that are created as a result of TrueSight Vulnerability Management operations). You can set default folders at the security group level, where the generated content is stored in default folders that are defined for each security group. See Managing security groups

Where to go from here

Review the other topics in the Planning page.

Was this page helpful? Yes No Submitting... Thank you
Last modified by Sulekha Gulati on Apr 12, 2019

Comments

Log in or register to comment.

Planning
Pre-deployment considerations
© Copyright 2013 - 2019 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.