ZENworks Vulnerability Scanner

Hi Community,

I am hoping to clarify some questions.

Other than upstream CVEs received via the NIST API or a similar mechanism, can the ZENworks Patch Management solution be configured to receive vulnerability scan results via its API from tools such as Tenable Nessus and other dedicated vulnerability assessment tools/solutions? I cannot seem to find this information.

Secondly, how effective is the ZENworks vulnerability assessment of OS and applications compared to Nessus, which uses various plug-ins for discovery? For example, can ZENworks scan the Windows registry, since it seems to have a different discovery approach?

Lastly, is the ZENworks Patch Management / Vulnerability solution able to offer a distributed three-tier architecture whereby the endpoint Agents report to an "Intermediary" Manager, which in turn reports to a "Central" Management system (i.e. the "brain" where policy and users are defined)?

{Central Manager}   <----> {Agent Manager} <-----> {Agents}

Best regards,

Dami

    To start at the bottom, the answer would be YES, in that it would be ZENworks itself. The Agents are not stand-alone and report to the ZENworks Primary Servers, and results are stored in the DB. The agents are not stand-alone objects. Third-party devices can query the DB, which holds extensive details, if some other product wants the same information. ZENworks Reporting Server can be used to help generate the required queries for external information.

    In general, for CVEs, ZCM will only report if impacted software is installed and not analyze the configuration of the software, though administrators could indeed do that on a case-by-case basis if desired if they owned the full ZCM that allows for deeper dives and creating your own definitions.

    I would recommend not trying to equate what Tenable does with what ZCM does. Very different on so many levels.

    --

    If you found this post useful, give it a “Like” or click on "Verify Answer" under the "More" button

    Be sure to "Like" My (and a few others) Cool Solutions below! 

    https://community.microfocus.com/members/craigdwilson/bookmarks

    Thank you Craig.
    I am not completely clear yet.
    However, now I do understand that ZENworks can only report on a vulnerability with a specific software version it is keeping track of, and it is not particularly actively doing a "whole system" scan.
    Therefore, ZENworks cannot be a like-for-like replacement for Tenable/Qualys vulnerability assessment scanners?

    Secondly, it is not very clear to me from your answer whether ZENworks can receive the scan results (e.g., from Tenable/Qualys) via API or other means; however, I have inferred it CANNOT do so.

    Lastly, I am also not clear on the distributed / solution for tiered architecture (or deployment) available in ZENworks.
    I am interested in understanding how much the product can scale in a very distributed deployment, say 50 sites (each site having hundreds of workstation clients/servers) with only one instance of a Central Management system.
    In such a deployment, as mentioned earlier, can the Central Manager delegate (or have) an intermediary between the Agent and the "Brain/Central Manager" such that they are reporting (and policy is received) from the "decentralised managers"?

    Thank you.
    Damilola.