Baseline Security (MBSA) (Query)

Use the Task Query Baseline Security (MBSA) to identify various risks on Agents, such as Windows vulnerabilities, weak passwords, IIS and SQL vulnerabilities, and missing security updates. The Task is based on the Microsoft Baseline Security Analyzer technology (MBSA).

Configuration

  • The option Query weak passwords checks the locally stored account information for weaknesses.
  • The option Query SQL vulnerabilities also checks for MSDE issues.

Viewing the results

To view the results, open the completed Job at Jobs > Job History, go to the tab Tasks and double click to open the Query Baseline Security. The initial report shows the results per issue. Other views are also available:

  • To view the results per Agent, click Swap rows and columns.
  • To view the a more detailed list of security issues, click Computers per issue. From this overview, you can schedule a new Job, if necessary.
  • To open the data in the MBSA application (provided the application is available on your computer), click Show these results in Microsoft Baseline Security Analyzer.

If the detailed results show that Windows Security Updates or SDK Components Security Updates need to be installed on certain Agents, select the security issue and click Computers per issue. In the list of security updates:

  • Click on a security update to view a description on the website of Microsoft.
  • Use Click here to download to download the security update. You can then store this file as a Resource and schedule a Task Install Microsoft Update to install the update.

Saving and exporting information

  • In each window, you can create a PDF file of the current view using the Instant Report button Instant Report. The Instant Report PDF file can be saved.
  • To export the results, open the completed Job at Jobs > Job History, go to the tab Tasks and double click to open the Query Baseline Security. Using the Export button dbase export small, you can export the results to the following formats:
    • TXT (Tab delimited)
    • CSV (Comma delimited)
    • MBSA (MBSA version 2 or higher): This format can be opened on computers with Microsoft Baseline Security Analyzer 2.0 or higher installed.
    • XML (MBSA version 1.x): This format can be opened on computers with lower versions of Microsoft Baseline Security Analyzer installed. It can also be viewed as a regular XML file.

If multiple Agents were queried when the Task was executed, and you export the results to XML or MBSA, Ivanti Automation will create one file per Agent.