Create a patch and compliance scan task

The security scanner is generally run as a scheduled task from the core server. The scheduled task can be a push, policy, or policy-supported push task.

For testing or specific needs, you can also run the security scanner immediately from the console or from the device that needs to be scanned.

With the Patch and Compliance tool, you can also create a compliance-specific scan task, that checks target devices for compliance with your customized security policy. A compliance scan is based on the contents of the Compliance group (and the options specified on the compliance settings), and can be run as a scheduled task, a policy, and even initiated by Ivanti Antivirus when a virus is detected that can't be removed or quarantined.

To create a security scan task

1.Click Tools > Security and Compliance > Patch and Compliance.

2.Make sure security content has been updated recently.

3.Make sure the Scan group contains only those definitions you want to scan for.

4.Click the Create a task toolbar button, and then click Security scan or Compliance scan, depending on the scan type you want.

5.Configure the scan options.

6.Click OK. For a scheduled task scan, you can now add target devices and configure the scheduling options in the Scheduled tasks tool.

NOTE: Compliance security scans

To run an on-demand scan from the console

1. Right-click the selected device (or up to 20 multi-selected devices) and click Security and Patch > Patch and compliance scan now.

2.Select a scan and repair setting, choose the type of scan, and then click OK. The scan runs immediately.