Updates to Security Products Inventory and Virtual Infrastructure Management
BCM supports OPSWAT Endpoint Security Integration SDK (OESIS) framework v4, an OEM technology, that is used to gather security inventory information from BCM managed devices. OPSWAT v4 introduces support for some new Security Products Inventory types, no longer supports some of the earlier inventory types, and has updated the Virtual Infrastructure Management.
See the OESIS v4 website for more detailed information.
This topic lists the changes as a result of upgrading the OPSWAT v4.
- What's changed in BCM after upgrading to OPSWAT v4?
- Operating systems affected
- Viewing OPSWAT v4 entries
- Updates to Security Products Inventory types with OPSWAT v4
- Operational rules
- Queries
- Compliance Management
- Reports
- Security Products support matrix
- Virtual Infrastructure Management
- View Database log files
What's changed in BCM after upgrading to OPSWAT v4?
- New Security Products Inventory types
- Unsupported Security Products Inventory types
- Operational rules using new Security Products Inventory types
- Operational rules using new browser operations
- Unsupported browser operations in operational rules
- Queries using new inventory types
- Compliance rules using new inventory types
- Reports using new inventory types
- Virtual Infrastructure Management
- View database log files
Operating systems affected
- Linux (64 bit and 32 bit)
- Windows (64 bit and 32 bit)
- MAC OS X
Viewing OPSWAT v4 entries
After upgrading to BCM 12.6, verify that the Update Manager displays the Security Product and Virtualization v4. The status must be Up to Date.
Updates to Security Products Inventory types with OPSWAT v4
This section lists the updates to the Security Products Inventory types after upgrading to OPSWAT v4.
The Security Products inventory list is updated to add some new inventory types, while some existing inventory types are no longer supported in OPSWAT v4.
OPSWAT v3 | OPSWAT v4 | What's changed in OPSWAT v4 |
|---|---|---|
P2P | Public File Sharing | Renamed |
Antivirus/Antispyware | Antimalware | Categories merged |
URL Filtering |
| Not supported |
DeviceAccessControl |
| Not supported |
SoftwareSuite |
| Not supported |
DesktopSharing |
| Not supported |
SystemManagement |
| Not supported |
| CloudStorage | New Inventory type |
The Security Products list reflects the updated categories that are supported by OPSWAT v4.
Operational rules
This section explains the changes to operational rules that are defined with the Security Products Inventory types.
With OPSWAT v4, some browser operations are not supported, while some browser-related parameters are merged into new parameters.
The following steps that are used to create operational rules are not supported:
- Set Browser Home Page
- Set Default
- Check Antivirus presence
- Check Antivirus signature File Date
While creating operational rules from the steps listed under Security Products Management, BCM displays the supported steps.
The following browser-related parameters that you see while defining operational rule steps have changed:
OPSWAT v3 | OPSWAT v4 | What's changed in OPSWAT v4? |
|---|---|---|
Delete History | Delete Browsing History | No Change |
Delete Cache | Delete Cache | No change |
Delete Addresses |
| Merged with Delete Browsing History |
Delete Passwords |
| Merged with Delete Forms and Passwords Data |
Delete Form Data | Delete Forms and Passwords Data | No Change |
Delete Download History | Delete Download History | No Change |
The Operational rule step displays the new browser-related parameters.
Queries
This section describes the changes to queries because of some changes to the Security Products Inventory type.
BCM ensures that queries based on criteria that not supported by OPSWAT v4 are retained in BCM 12.6 or later.
Queries built on inventory types that are merged into a new inventory type. The antivirus and anti-spyware inventory types are merged into the antimalware inventory type in OPSWAT v4. BCM ensures that merged inventory types (antivirus/anti-spyware) point to the corresponding new inventory type (antimalware) in BCM 12.6 and later. During the upgrade, BCM merges data from the Antivirus and Anti-spyware into the Antimalware table.
Queries built on inventory types that are not supported in OPSWAT v4, are retained. The data is available in the BCM database, even though devices upgraded to BCM 12.6 or later do not upload information for the unsupported inventory types to the BCM database.
As a BCM administrator, there are no changes because of updates to the inventory type.
Compliance Management
This section describes the changes to compliance rules because of some changes to the Security Products Inventory type.
After upgrading to BCM 12.6 or later, under the Out of the Box compliance rules, BCM ensures that older compliance rules are retained in addition to the new entries for Antimalware. During the upgrade, BCM merges data from the Antivirus and Anti-spyware into the Antimalware table.
BCM ensures that antivirus and anti-spyware inventory data is merged into antimalware in the BCM database. So, BCM 12.6 or later displays both inventory types with the same data. You can continue to use the same compliance reports either by renaming the rule name or creating a new one.
Reports
This section describes the changes to reports because of some changes to the Security Products Inventory type.
BCM ensures that older reports based on antivirus and anti-spyware are retained after upgrading to BCM 12.6 or later. During the upgrade, BCM merges data from the Antivirus and Anti-spyware into the Antimalware table. The important change is that all report data for Antivirus and Anti-spyware data is now stored in the Antimalware table. The older reports can still be used after the upgrade.
For a BCM administrator, there are no changes to reports because of updates to the inventory type.
Security Products support matrix
The table shows the supported security products across different operating systems.
Security Products | Windows (BCM 12.6) | Windows (BCM 12.5) | Linux (BCM 12.6) | Linux (BCM 12.5) | macOS (BCM 12.6) | macOS (BCM 12.5) |
|---|---|---|---|---|---|---|
PUBLIC FILE SHARING (P2P) |
|
|
|
|
|
|
BACKUP |
|
|
|
|
|
|
ENCRYPTION |
|
|
|
|
|
|
ANTIPHISHING |
|
|
|
|
|
|
ANTIMALWARE |
|
|
|
|
|
|
BROWSER |
|
|
|
|
|
|
FIREWALL |
|
|
|
|
|
|
MESSENGER |
|
|
|
|
|
|
CLOUD STORAGE |
|
|
|
|
|
|
UNCLASSIFIED |
|
|
|
|
|
|
DATA LOSS PREVENTION |
|
|
|
|
|
|
PATCH MANAGEMENT |
|
|
|
|
|
|
VPN CLIENT |
|
|
|
|
|
|
VIRTUAL MACHINE |
|
|
|
|
|
|
HEALTH AGENT |
|
|
|
|
|
|
Virtual Infrastructure Management
With the upgrade to OPSWAT v4, there is improvement in the BCM agents performance to discover virtual machines on a device that hosts a hypervisor.
View Database log files
The DatabaseUpgrade.log file logs the database changes that happened during the BCM upgrade. You can view the database log file after the upgrade is complete.
A sample log file.
2017/03/28 11:27:58 Vision64Database I [10004] -------- OpswatV4 Migration Start
2017/03/28 11:27:58 Vision64Database I [10004] Add a new table SPMInv_ObjType_819 for Cloud Storage object
2017/03/28 11:27:58 Vision64Database I [10004] Antivirus object is renamed Antimalware
2017/03/28 11:27:58 Vision64Database I [10004] Merge Antispyware and Antivirus data into Antimalware table
2017/03/28 11:27:58 Vision64Database I [10004] The compliance rule Anti-Spyware Installation has been modified to use Antimalware table/attributes instead of Antispyware
2017/03/28 11:27:58 Vision64Database I [10004] The compliance rule Anti-Spyware Update has been modified to use Antimalware table/attributes instead of Antispyware
2017/03/28 11:27:58 Vision64Database I [10004] The compliance rule AntiSpyware has been modified to use Antimalware table/attributes instead of Antispyware
2017/03/28 11:27:58 Vision64Database I [10004] The device group AntiSpyware (Compliant) has been set to inactive, it is dynamically populated with a modified compliance rule
2017/03/28 11:27:58 Vision64Database I [10004] The device group AntiSpyware (Not Compliant) has been set to inactive, it is dynamically populated with a modified compliance rule
2017/03/28 11:27:59 Vision64Database I [10004] The IAntispyware object has been removed
2017/03/28 11:27:59 Vision64Database I [10004] The SPMInv_ObjType_802 table has been dropped
2017/03/28 11:27:59 Vision64Database I [10004] The operational rule step Check Default Browser is disabled
2017/03/28 11:27:59 Vision64Database I [10004] The operational rule step Set Default Browser is disabled
2017/03/28 11:27:59 Vision64Database I [10004] The operational rule step Set Browser Home Page is disabled
2017/03/28 11:27:59 Vision64Database I [10004] The operational rule step Check Antivirus Presence is disabled
2017/03/28 11:27:59 Vision64Database I [10004] The operational rule step Check Antivirus Signature File Date is disabled
2017/03/28 11:27:59 Vision64Database I [10004 The database log files is stoed in master\log
2017/03/28 11:27:59 Vision64Database I [10004] -------- OpswatV4 Migration End
If a query impacted by the upgrade is assigned to a Dynamic Device Group, the group is set to inactive.