Windows Security Center Status - VM Test

Windows Security Center (WSC) is a comprehensive reporting tool that helps administrators establish and maintain a protective security layer around Windows VMs to monitor the VM's health state. The Windows Security Center also monitors third party security products such as firewall, antivirus, antimalware and antispyware, installed on the VM. In order for the security products to be compliant with Windows and successfully report status to Action Center, these products should be registered with the security center. The security products communicate any subsequent status changes to the security center using private APIs. The security center, in turn, communicates these updates to Action Center, where they are finally displayed to the end user. With Windows Security Center, administrators can check whether any security product is installed and turned on, and if the definitions of the products are up to date and real-time protection is enabled. By continuously monitoring the Windows Security Center, administrators can instantly find out whether the security products are up-to-date or out dated, and the status of security products in real-time. This is what exactly the Windows Security Center Status - VM test does!

This test auto-discovers the security products installed on the Windsows VMs on the target host, and for each security product reports the current definition status and the current protection status. Using these details, administrators are alerted to the systems on which the automatic updates are outdated and virus protection turned off. By closely monitoring the status, administrators can take necessary actions before the end users become vulnerable to virus threats or malicious attacks.

This test is disabled by default. To enable the test, go to the enable / disable tests page using the menu sequence : Agents -> Tests -> Enable/Disable, pick Oracle VM Server as the desired Component type, set Performance as the Test type, choose the test from the disabled tests list, and click on the < button to move the test to the ENABLED TESTS list. Finally, click the Update button.

Target of the test: Oracle VM Server

Agent deploying the test: A remote agent

Outputs of the test: One set of results for every security product:provider combination on each Windows VMs.

Configurable parameters for the test
Parameters Description

Test Period

How often should the test be executed.

Host

The host for which the test is to be configured.

Port

The port at which the specified Host listens. By default, this is NULL.

Oracle VM Manager, Oracle VM Manager User, Oracle VM Manager Password, and Confirm Password

This test remotely connects to the Oracle VM Manager that manages the monitored Oracle VM Server and uses the web services API of the Oracle VM Manager to pull out metrics of interest. To enable this test to communicate with the web services API, you first need to configure the test with the IP address or host name of the Oracle VM Manager. This can be done using the Oracle VM Manager text box. Then, you need to configure the test with the credentials of a user with Admin rights to the Oracle VM Manager. Use the Oracle VM Manager User and Oracle VM Manager Password parameters to configure these credentials. Finally, confirm the password by retyping it in the Confirm Password text box.

SSL

By default, the Oracle VM Manager is SSL-enabled. Accordingly, the SSL flag is set to Yes by default. This indicates that the eG agent will communicate with the Oracle VM Manager via HTTPS by default.

WebPort

By default,, the Oracle VM Manager listens on 7002. This implies that while monitoring an Oracle VM server via an SSL-enabled Oracle VM Manager, the eG agent, by default, connects to port 7002 of the Oracle VM Manager to pull out metrics. In some environments however, this default port may not apply. In such a case, against the WebPort parameter, you can specify the exact port at which the Oracle VM Manager in your environment listens so that the eG agent communicates with that port.

Measurements made by the test
Measurement Description Measurement Unit Interpretation

Signature status

Indicates the current status of this security product.

 

The values reported by this measure and its numeric equivalents are mentioned in the table below:

Measure Value

Numeric Value
Unknown 25
Up to date 15
Out of date 10

Note:

By default, this measure reports the Measure Values listed in the table above to indicate the current state of this security product. The graph of this measure however, represents the status of a server using the numeric equivalents only.

Use the detailed diagnosis of this measure, to know about the name of Windows system on which the product is running, the file paths of product executables and the current status of the product.

Real-time protection status

Indicates the real-time protection status of this security product.

 

The values reported by this measure and its numeric equivalents are mentioned in the table below:

Measure Value

Numeric Value
Unknown 25
Snoozed 20
On 15
Expired 10
Off 0

Note:

By default, this measure reports the Measure Values listed in the table above to indicate the current protection status of this security product. The graph of this measure however, represents the status of a server using the numeric equivalents only.