To install the latest security and compliance management content and trigger an immediate scan on a client device, you can simply perform a client connect from that device to the SECURITY Domain in the CSDB.
To perform an agent connect to the SECURITY Domain:
On a managed client device, open a command line window, and execute the following command:
radskman dname=security,context=m,uid=$machine,cop=y
This command triggers an update to all the services in the SECURITY domain, including the security and compliance management services, to which the client device is entitled.
To trigger only a vulnerability scan, add the following parameter to the radskman command:
sname=DISCOVER_VULNERABILITY
To trigger only a compliance scan, add an sname
parameter for the compliance service that you want to trigger to the radskman
command. For example:
sname=DISCOVER_FDCC_1-0_OS
To trigger only a security tools scan, add the following parameter to the radskman command:
sname=HP_SECTOOLS_MGMT_ALL_V001
Remember to separate the radskman
options with commas but not spaces.
Note: Uninstalling the management agent on a client device does not remove the scanners. To remove the security service, first remove the policy and then, perform a client connect to remove the service before you uninstall the management agent.