Windows Security Center Status - VM Test

Windows Security Center (WSC) is a comprehensive reporting tool that helps administrators establish and maintain a protective security layer around Windows VMs to monitor the VM's health state. The Windows Security Center also monitors third party security products such as firewall, antivirus, antimalware and antispyware, installed on the VM. In order for the security products to be compliant with Windows and successfully report status to Action Center, these products should be registered with the security center. The security products communicate any subsequent status changes to the security center using private APIs. The security center, in turn, communicates these updates to Action Center, where they are finally displayed to the end user. With Windows Security Center, administrators can check whether any security product is installed and turned on, and if the definitions of the products are up to date and real-time protection is enabled. By continuously monitoring the Windows Security Center, administrators can instantly find out whether the security products are up-to-date or out dated, and the status of security products in real-time. This is what exactly the Windows Security Center Status - VM test does!

This test auto-discovers the security products installed on the Windows virtual desktops on the cloud, and for each security product reports the current definition status and the current protection status. Using these details, administrators are alerted to the systems on which the automatic updates are outdated and virus protection turned off. By closely monitoring the status, administrators can take necessary actions before the end users become vulnerable to virus threats or malicious attacks.

This test is disabled by default. To enable the test, go to the ENABLE/DISABLE TESTS page using the menu sequence : Agents -> Tests -> Enable/Disable, pick Cloud Desktops as the desired Component type, set Performance as the Test type, choose the test from the DISABLED TESTS list, and click on the < button to move the test to the ENABLED TESTS list. Finally, click the Update button.

Target of the test : A Windows virtual desktop on the cloud

Agent deploying the test : A remote agent

Outputs of the test : One set of results for every security product:provider combination on each user_on_poweredonvirtualdesktop

Configurable parameters for the test
Parameter Description

Test Period

How often should the test be executed.

Host

The nick name of the Cloud Desktops component for which this test is to be configured.

Port

Refers to the port at which the specified host listens to. By default, this is NULL.

Inside View Using

To obtain the 'inside view' of performance of the cloud-hosted Windows desktops - i.e., to measure the internal performance of the Windows virtual desktops - this test uses a light-weight eG VM Agent software deployed on each of the desktops. Accordingly, this parameter is by default set to eG VM Agent (Windows).

Report Powered OS

This flag is relevant only for those tests that are mapped to the Inside View of Desktops layer. If this flag is set to Yes (which is the default setting), then the 'inside view' tests will report measures for even those Windows virtual desktops that do not have any users logged in currently. Such desktops will be identified by their name and not by the username_on_virtualdesktopname. On the other hand, if this flag is set to No, then this test will not report measures for those Windows virtual desktops to which no users are logged in currently.

Is Cloud VMs

Since this test runs for a 'Cloud Desktops' component, this flag is set to Yes by default.

DD Frequency

Refers to the frequency with which detailed diagnosis measures are to be generated for this test. For instance, if you set to 1:1, it means that detailed measures will be generated every time this test runs, and also every time the test detects a problem.

Detailed Diagnosis

To make diagnosis more efficient and accurate, the eG suite embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option.

The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:

  • The eG manager license should allow the detailed diagnosis capability.
  • Both the normal and abnormal frequencies configured for the detailed diagnosis measures should not be 0.
Measurements made by the test
Measurement Description Measurement Unit Interpretation

Signature status

Indicates the current status of this security product.

The values reported by this measure and its numeric equivalents are mentioned in the table below:

Measure Value

Numeric Value
Unknown 25
Up to date 15
Out of date 10

Note:

By default, this measure reports the Measure Values listed in the table above to indicate the current state of this security product. The graph of this measure however, represents the status of a server using the numeric equivalents only.

Use the detailed diagnosis of this measure, to know about the name of Windows system on which the product is running, the file paths of product executables and the current status of the product.

Real-time protection status

Indicates the real-time protection status of this security product.

The values reported by this measure and its numeric equivalents are mentioned in the table below:

Measure Value

Numeric Value
Unknown 25
Snoozed 20
On 15
Expired 10
Off 0

Note:

By default, this measure reports the Measure Values listed in the table above to indicate the current protection status of this security product. The graph of this measure however, represents the status of a server using the numeric equivalents only.