To view the scanning services:
SECURITY.ZSERVICE.HP_SECTOOLS_MGMT_ALL_V001
The Service Details window opens. For more information about services, see Service Information.
The CSDB initially contains an instance of PRIMARY.SECURITY.ZSERVICE called <Discover Vulnerabilities (Limited Edition)> for vulnerability scanning and another instance called <Discover FDCC 1.0 Compliance> for compliance scanning. As other benchmarks are added to the HP Live Network content, new instances will become available. After you perform your first HP Live Network update, the <Discover Security Tools> service is added.
The CSDB also contains an instance of PRIMARY.SECURITY.TIMER called Daily Vulnerability Scan, which determines when the vulnerability scanner is executed on target systems. Although they are separate instances, the <Discover Vulnerabilities> service has a connection to the Daily Vulnerability Scan timer.
Note: There is no built-in timer for compliance or security tools scanning. You must set up a DTM job to schedule regular compliance and security tools scans on your target devices. For more information, see Create an HPCA Job to Schedule or Trigger a Scan. Alternatively, you can set up your own compliance scanning timer in the CSDB.
The following example is a snapshot of the Admin CSDB Editor showing a subset of the parameters for the Daily Vulnerability Scan service:
The timer does not directly invoke the scanner. When the timer expires, radskman
performs a connect operation to the SECURITY Domain. This causes one of the following methods to be executed: ZCREATE, ZVERIFY, ZUPDATE, or ZREPAIR. When any of these methods is executed, the scanner is launched on the target system.
By default, the timer is configured to run daily at a randomly selected time between 08:30 and 16:30 local (system) time.
Note: You must explicitly entitle your target devices to the scanning services before you can use them. For more information, see Schedule or Trigger a Scan.