cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Galaxis
Level 9
Report Inappropriate Content
Message 1 of 5
‎03-02-2021 12:23 PM

Difference between a Client Task Catalog On-Demand Scan Task and Policy Catalog On-Demand Scan

Jump to solution

Hello, trying to determine what this difference is, which overrides, etc. Both have about the same params for a full scan (Policy Catalog scan has add'l "QUick" and "Right-click" tabs).

0 Kudos
Reply
1 Solution

Accepted Solutions
Galaxis
Level 9
Report Inappropriate Content
Message 5 of 5
‎03-03-2021 08:32 AM

Re: Difference between an Client Catalog OnDemand Scan Task and Policy Catalog On-Demand Scan

Jump to solution

Found where the client task config in MFE client: "Common" settings; "Advanced", under "Tasks".  Still unclear, if a policy ODS task (from Policy Catalog) is created by itself/assigned to systems (no associated task scan w/ scheduling), how/when does that policy scan run on those assigned systems?  I can see it deployed, but w/out scheduling info, what triggers it.  From reading the ENS TP Product Guide, seems like a policy ODS scans need an associated task ODS scans to run (otherwise it just sits there?).

View solution in original post

0 Kudos
Reply
4 Replies
ryadav1
Employee
Employee
Report Inappropriate Content
Message 2 of 5
‎03-02-2021 05:45 PM

Re: Difference between an Client Catalog OnDemand Scan Task and Policy Catalog On-Demand Scan

Jump to solution

Hello @Galaxis ,

Within ENSTP you have two types of ODS scan: Policy-Based and Custom Tasks.

If you create a Custom On Demand Scan, you configure the settings of the task within the task. 

If you create a Policy-Based On Demand Scan, you configure the settings of the task within the ENS policy (On-Demand Scan). Within the policy you can then configure the different settings for each ODS (Full Scan, Right Click Scan, Quick Scan).

FYI - if you want to be able to report on the ODS Tasks, I'd encourage you to use Policy-Based Tasks as only this type of ODS Task will generate events. 

Thank you,

McAfee 

0 Kudos
Reply
Galaxis
Level 9
Report Inappropriate Content
Message 3 of 5
‎03-02-2021 06:45 PM

Re: Difference between an Client Catalog OnDemand Scan Task and Policy Catalog On-Demand Scan

Jump to solution

Thx for the info.  But what if both are defined, would 2 scans run?  Does it even make sense to have both defined?  Not even sure when a policy ODS scan would run; only option I see in Policy Catalog opts is "Scan only when the system is idle"; a task scan can be scheduled (oddly enough, only when I click "Edit Assignment", tho no groups to assign to come up that way).  If both can be defined, how would they both show up in the endpoint system they get deployed to (say, in MFE client, I only see an option/params that look like a policy scan.  We have a custom ODS scan task defined w/ a schedule of every week, and a policy ODS (full/quick/right-click) from the Policy Catalog. Don't know how they interact if at all; seems like the task scan will run based on its schedule, but no idea when the policy scan will run.  

0 Kudos
Reply
Galaxis
Level 9
Report Inappropriate Content
Message 4 of 5
‎03-02-2021 07:53 PM

Re: Difference between an Client Catalog OnDemand Scan Task and Policy Catalog On-Demand Scan

Jump to solution

Ok I think I see how to schedule a policy ODS task.  After creating/configuring the scan in the Policy Catalog, you then have to assign it to a Policy Based type ODS task scan in the Client Task Catalog, then assign that task scan to a group; then it  takes you to the scheduling scrn.  But a policy scan by itself can be assigned to groups as well, and those show up on the assigned systems associated to the groups (like when u do an ASIC like "Wake up Agents); u can see them in the MFE clients on those assigned systems.  But how do they run w/out a containing task scan to schedule them?  And if a containing task scan is assigned to a group/system, and contains a policy scan also assigned to a (maybe different) group/system, how/where would that a containing task scan show up at the assigned systems (**bleep**ain all I see in the MFE client is a place for a policy scan by itself)?

0 Kudos
Reply
Galaxis
Level 9
Report Inappropriate Content
Message 5 of 5
‎03-03-2021 08:32 AM

Re: Difference between an Client Catalog OnDemand Scan Task and Policy Catalog On-Demand Scan

Jump to solution

Found where the client task config in MFE client: "Common" settings; "Advanced", under "Tasks".  Still unclear, if a policy ODS task (from Policy Catalog) is created by itself/assigned to systems (no associated task scan w/ scheduling), how/when does that policy scan run on those assigned systems?  I can see it deployed, but w/out scheduling info, what triggers it.  From reading the ENS TP Product Guide, seems like a policy ODS scans need an associated task ODS scans to run (otherwise it just sits there?).

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC