Management and Security

Create a patch and compliance scan task

The security scanner is generally run as a scheduled task from the core server. The scheduled task can be a push, policy, or policy-supported push task.

For testing or specific needs, you can also run the security scanner immediately from the console or from the device that needs to be scanned.

To create a security scan task

1.Click Tools > Security > Patch and Compliance.

2.Make sure security content has been updated recently.

3.Make sure the Scan group contains only those definitions you want to scan for.

4.Click the Create a task toolbar button, and then click Security scan. The Create security scan task dialog box displays.

5.Enter a name for the scan.

6.Specify whether the scan is a scheduled task or a policy-based scan, or both.

7.Select one of the scan and repair settings from the available list (or create custom settings for this scan) to determine how the scanner operates on end-user devices.

8.Click OK. For a scheduled task scan, you can now add target devices and configure the scheduling options in the Scheduled tasks tool.

NOTE: Compliance security scans
With the Patch and Compliance tool, you can also create a compliance-specific scan task, that checks target devices for compliance with your customized security policy. A compliance scan is based on the contents of the Compliance group (and the options specified on the compliance settings), and can be run as a scheduled task, a policy, and even initiated by Ivanti Antivirus when a virus is detected that can't be removed or quarantined.

To run an on-demand scan from the console

1. Right-click the selected device (or up to 20 multi-selected devices) and click Security and Patch > Patch and compliance scan now.

2.Select a scan and repair setting, choose the type of scan, and then click OK. The scan runs immediately.

Was this article useful?