How HP Live Network Content is Updated

HP Live Network provides two types of security and compliance management content:

In order to access the HP Live Network content, see Accessing HP Live Network Content.

When you update your HPCA security and compliance management content – either from HP Live Network or from the file system – the following three things happen:

  1. Both the updated scanners and data are copied into a temporary directory.
  2. The data is pushed from the temporary directory to the Core database. This drives the detailed definition reports and primes the database for processing the collected scan results.
  3. Both the data and scanners are loaded into the CSDB.

When a client device with a configured security policy subsequently makes a connection to the SECURITY Domain in the CSDB, the data and scanners are deployed to that client device. At this point, the client device will be scanned. The results of the scans are then sent to the Core database.

Security and Compliance Management in HPCA

  1. Updated security and compliance content is downloaded and analyzed by the HP Live Network team. The HP Live Network scanners are updated, if necessary (this is rare).
  2. Updated security and compliance content, including the HP Live Network scanners, is downloaded by HPCA from HP Live Network and published to the CSDB and the Core database.
  3. Client devices are scanned for security and compliance problems by HPCA.

The security and compliance content that is loaded into the CSDB includes both “service” definitions and “master” definitions. The service definitions are related to the scanning services and are deployed to the platform-specific agents for performing the scans. The master definitions are used when you move content from a test environment to a production environment (see Move HP Live Network Content from a Test Environment to a Production Environment).

For vulnerability scanning, the master definitions include the National Vulnerability Database (NVD) CVE definitions and the platform-specific Open Vulnerability Assessment Language (OVAL) definitions required by HPCA. It is the combination of these two sets of definitions for each platform that enable HPCA to create the Vulnerability Management reports.

For compliance scanning, the master definitions include the compliance benchmarks in SCAP format.

For security tools management scanning, there are no definitions. The scanner simply looks for the presence of all supported security tools and determines whether each tool is enabled. For anti-virus and anti-spyware tools, the scanner also determines when each tool last updated its definitions and when it last performed a full system scan.


© 2003 - 2012 Hewlett-Packard Development Company, L.P.