Managing Individual Machine Properties

The Manage Machine Properties dialog is accessed from within Machine View or Scan View by double-clicking a machine or by right-clicking the desired machine and then selecting Machine properties. The dialog contains several tabs that enable you to define many different properties for an individual machine.

 

General tab

Enables you to define a variety of general information about the machine, including:

Description, Location, Customer Name, Criticality, Asset tag: Site-specific information you want to provide for the machine. The Criticality level can be used to sort the grid within Machine View.

Patch drive path: Enables you to specify the drive and the path to use on the target machine when patches are downloaded during a patch deployment. Do this only if you do not want to use the default location (C:\Windows\ProPatches). For example, if the C: drive on your target machines is low on space, you might specify that the patches are instead written to the D: drive. The "ProPatches" name is automatically appended to whatever path you specify. For example, if you specify "D:\ABC," the final destination for the patches will be "D:\ABC\ProPatches."

Assigned group: The static group that this machine is assigned to within Machine View and Scan View. The group is used for organizational purposes. For example, you might sort, filter and search for a specific assigned group and then perform actions on the machines in that group.

Custom 1 - 3: These three fields enable you to write custom notes about properties that are unique to this machine. For example, you might use Custom 1 to specify the machine type (laptop, desktop, server, etc.), Custom 2 to specify the machine location (St. Paul, Dallas, Seattle, etc.), and Custom 3 to specify the department that owns the machine (HR, Accounting, IT, etc.). You can use the fields to filter or sort machines within Machine View and Scan View and when scheduling reports.

RDP port: Defines the Remote Desktop Protocol (RDP) port to use when making a remote desktop connection with this machine.

Connect to machine by: Specifies the method to use when connecting to your client machine. There are two options:

IP address: The console will connect to clients using the IP address of the machines. This is the default setting.

Fully qualified domain name (FQDN): You may need this method if Kerberos authentication is used in your environment, and if Service Principal Name (SPN) validation is required for Server Message Block (SMB) endpoint connections.

For more detailed information, see IP Address vs FQDN.

The setting specified here will be used for scans or agent installations that are initiated from Machine View or Scan View.

Credential: Specifies the credential used when authenticating Security Controls to the machine. The credential you supply here will override credentials specified in other areas of the program. If you select None you effectively remove the credential currently assigned to the machine.

There may be several reasons for providing different credentials to a machine after a scan has been performed. If you have multiple administrators in your organization and each is responsible for a different domain, they will need to set their own credentials before performing an action. Or, your organization's policy may be to separate scan (assessment) duties from deployment duties, in which case different credentials are probably required.

Scheduler Port: Specifies the port used by the Ivanti Scheduler service when communicating with this machine. Specifying the port value here overrides the value set on the Scheduling Options dialog.

Email tab

Enables you to specify which reports should be automatically sent and to whom the reports should get sent. The specified reports will be sent whenever the machine is involved in a scan or a deployment.

To configure reports:

1.Select a report in the Report list.

2.In the Report recipients list, select the groups and/or individuals you want to email the report to.

3.Repeat Step 1 and Step 2 for each report you want to be automatically sent.

4.When finished, click Save.

You can use the Machine owner and Machine admin boxes to define the owner and administrator of this machine. If you need to define a new contact or change the email address for a contact, select Manage > Address Book.

Statistics tab

Displays a trend chart showing the number of found and missing patches detected in the last several scans. This enables you to quickly determine if the patch security state of a machine is trending up or down.