Configuration of VmgWinSecurityTest

Windows Security Center (WSC) is a comprehensive reporting tool that helps administrators establish and maintain a protective security layer around Windows VMs to monitor the VM's health state. The Windows Security Center also monitors third party security products such as firewall, antivirus, antimalware and antispyware, installed on the VM. In order for the security products to be compliant with Windows and successfully report status to Action Center, these products should be registered with the security center. The security products communicate any subsequent status changes to the security center using private APIs. The security center, in turn, communicates these updates to Action Center, where they are finally displayed to the end user. With Windows Security Center, administrators can check whether any security product is installed and turned on, and if the definitions of the products are up to date and real-time protection is enabled. By continuously monitoring the Windows Security Center, administrators can instantly find out whether the security products are up-to-date or out dated, and the status of security products in real-time. This is what exactly the VmgWinSecurityTest does!

This test auto-discovers the security products installed on the Windows virtual desktops on the cloud, and for each security product reports the current definition status and the current protection status. Using these details, administrators are alerted to the systems on which the automatic updates are outdated and virus protection turned off. By closely monitoring the status, administrators can take necessary actions before the end users become vulnerable to virus threats or malicious attacks.

The default parameters associated with this test are:

• The TEST PERIOD list box helps the user to decide how often this test needs to be executed.

• In the HOST text box, specify the nick name of the Cloud Desktops component for which this test is to be configured.

• Specify the port at which the specified host listens to in the PORT text box. By default, this is NULL.

• To obtain the ‘inside view’ of performance of the cloud -hosted Windows desktops - i.e., to measure the internal performance of the Windows virtual desktops - this test uses a light -weight eGVMAgent software deployed on each of the desktops. Accordingly, Inside View Using parameter is by default set to eGVMAgent (Windows).

• Report Powered OS flag is relevant only for those tests that are mapped to the Inside View of Desktops layer. If this flag is set to Yes (which is the default setting), then the ‘inside view’ tests will report measures for even those Windows virtual desktops that do not have any users logged in currently. Such desktops will be identified by their name and not by the username_on_virtualdesktopname. On the other hand, if this flag is set to No, then this test will not report measures for those Windows virtual desktops to which no users are logged in currently.

• Report By User flag is set to Yes by default. The value of this flag cannot be changed. This implies that the virtual machines in VDI environments will always be identified using the login name of the user. In other words, in VDI environments, this test will, by default, report measures for every username_on_virtualmachinename.

• Since this test runs for a ‘Cloud Desktops’ component, Is Cloud VMs flag is set to Yes by default.

• DD FREQUENCY refers to the frequency with which detailed diagnosis measures are to be generated for this test. The default is 1:1. This indicates that, by default, detailed measures will be generated every time this test runs, and also every time the test detects a problem. You can modify this frequency, if you so desire. Also, if you intend to disable the detailed diagnosis capability for this test, you can do so by specifying none against DD FREQUENCY.

• To make diagnosis more efficient and accurate, eG embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test, by default, for a particular server, choose the On option against DETAILED DIAGNOSIS. To disable the capability, click on the Off option.

  The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:

  • The eG manager license should allow the detailed diagnosis capability.

  • Both the bad and normal frequencies configured for the detailed diagnosis measures should not be 0.

• If multiple components of the same component type are awaiting configuration, then an APPLY TO OTHER COMPONENTS button will appear in this page. Clicking on this button will allow you to apply the configuration to all/selected components of that type.

• Once the necessary values have been provided, clicking on the UPDATE button will register the changes made.

When changing the configuration for specific servers, a “*” beside the text box corresponding to the parameter signifies that these values have to be manually configured by the user. The parameter values that require to be configured will typically be prefixed with a “$” or contain a series of “*”. A value of “none” in the parameter value indicates that the corresponding parameter value can be changed if required.