Novell ZENworks Patch Management

Security Audit Reporting

As network security becomes more critical for your organization, the need to prove its effectiveness has also become more important. In most security audit situations, your IT administrators will need to show the status of your networks in terms of overall vulnerability. Auditors will also typically ask for documentation showing the implementation of security policies. ZENworks® Patch Management uses the new ZENworks Reporting Server to provide a wealth of pre-defined and custom reporting capabilities. This includes three standard reports that make certain your administrators can easily address these crucial audit questions. These reports can be run at both the individual device or group levels to help prepare you for network security audits:

• Vulnerability Assessment Detail—This report provides precise vulnerability assessment detail and can be filtered by vulnerability, group and/or device. The vulnerability assessment detail was created specifically to help your administrators assess network security situations.
• Vulnerability Assessment Summary—This report creates a management-level vulnerability assessment that helps your executives quickly and accurately ascertain your organization's network security status (from a patch management standpoint).
• Baseline Compliance—This report provides an analysis of the status of an organization's patch management policy (as reflected in the mandatory baseline). It helps administrators, executives and auditors understand an organization's security policies and their level of policy attainment.

Because Patch Management Service utilizes the ZENworks database and the ZENworks Reporting Server, patch management data is easily available from within the ZENworks Configuration Management custom reporting capabilities. This enables you to build on the standard patch management reports provided with ZENworks Patch Management to create the exact reports required for your unique audit situations.

By providing security patch management reports built on the monitoring and policy data collected in the on-going patch management process, ZENworks Patch Management significantly reduces the time and costs that come with preparing for audits. And because of the tight integration with the powerful ZENworks Reporting Server, you won't be limited in the reports you can create to meet network security auditor requirements.