HP Live Network provides two types of security and compliance management content:
In order to access the HP Live Network content, see Accessing HP Live Network Content.
When you update your HPCA security and compliance management content – either from HP Live Network or from the file system – the following three things happen:
When a client device with a configured security policy subsequently makes a connection to the SECURITY Domain in the CSDB, the data and scanners are deployed to that client device. At this point, the client device will be scanned. The results of the scans are then sent to the Core database.
Security and Compliance Management in HPCA
The security and compliance content that is loaded into the CSDB includes both “service” definitions and “master” definitions. The service definitions are related to the scanning services and are deployed to the platform-specific agents for performing the scans. The master definitions are used when you move content from a test environment to a production environment (see Move HP Live Network Content from a Test Environment to a Production Environment).
For vulnerability scanning, the master definitions include the National Vulnerability Database (NVD) CVE definitions and the platform-specific Open Vulnerability Assessment Language (OVAL) definitions required by HPCA. It is the combination of these two sets of definitions for each platform that enable HPCA to create the Vulnerability Management reports.
For compliance scanning, the master definitions include the compliance benchmarks in SCAP format.
For security tools management scanning, there are no definitions. The scanner simply looks for the presence of all supported security tools and determines whether each tool is enabled. For anti-virus and anti-spyware tools, the scanner also determines when each tool last updated its definitions and when it last performed a full system scan.