Versions Compared

Version Old Version 7 New Version 8
Changes made by

Joshua Drummond

mgivechi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • For machines that your group has complete control over patching and maintenance it is recommended you deploy CSI agents to those machines.  For machines where the user has administrative rights and can patch their own machine but you'd still like visibility and reports into it you can choose to deploy CSI agents and/or linked PSI agents to them.
  • Configuring Secunia CSI
    • Inside CSI Console, go to Menu -> Configuration -> Settings -> CSI Windows Update Settings and select either "managed Windows Update server" if using WSUS or "official Windows Update server" otherwise
    • If using WSUS and your CSI Console is not installed on your WSUS server, you'll need to install the WSUS Management Console on the same machine as you installed CSI Console on for them to integrate together
  • Deploying CSI agents
    • CSI Agent download is unique to your account: download from inside CSI Console -> Menu -> Scanning -> Scanning Via Local Agents -> Agent Download & Setup
    • Using your software deployment mechanism of choice (WSUS, GPO, LanDesk, etc) copy the csia.exe file into a newly created directory "C:\Program Files\Secunia\CSI\" on target machines
    • Start agent using "C:\Program Files\Secunia\CSI\csia.exe -i -L -v -d csilog.txt" on target machines
  • Deploying linked PSI agents
    • Linked PSI download is unique to your account: download from inside CSI Console -> Menu -> Scanning -> PSI Integration -> Download Custom PSI (generate new Link ID for yourself)
    • Manually copy the PSISetup*.exe file to the target system and install it locally (requires administrator rights), initiate first scan which will send results to the server
  • Once agents check in, you can edit their settings inside CSI Console under Menu -> Scanning -> Scanning Via Local Agents -> Single Host Agents -> right click on an entry to edit it (or its entire site) configuration.  Key things you'll want to change may be "Agent check-in frequency" (if you want updates to apply faster), "Inspection type" to improve accuracy, and definitely "Days between scans" to more frequent than 7 days, change it to 1 day (schedule for sometime during the night) to begin with and only make it longer if you notice significant performance issues on the machine.  With zero-day exploits and patches it is important to have up to date results.
  • You can look at scan results under Menu -> Results and/or generate reports under Menu -> Reports

...