Start a Scan from a Target Device

To install the latest security and compliance management content and trigger an immediate scan on a client device, you can simply perform a client connect from that device to the SECURITY Domain in the CSDB.

To perform an agent connect to the SECURITY Domain:

On a managed client device, open a command line window, and execute the following command:

radskman dname=security,context=m,uid=$machine,cop=y

This command triggers an update to all the services in the SECURITY domain, including the security and compliance management services, to which the client device is entitled.

To trigger only a vulnerability scan, add the following parameter to the radskman command:

sname=DISCOVER_VULNERABILITY

To trigger only a compliance scan, add an sname parameter for the compliance service that you want to trigger to the radskman command. For example:

sname=DISCOVER_FDCC_1-0_OS

To trigger only a security tools scan, add the following parameter to the radskman command:

sname=HP_SECTOOLS_MGMT_ALL_V001

Remember to separate the radskman options with commas but not spaces.

Note: Uninstalling the management agent on a client device does not remove the scanners. To remove the security service, first remove the policy and then, perform a client connect to remove the service before you uninstall the management agent.


© 2003 - 2012 Hewlett-Packard Development Company, L.P.