Reporter 65 Product Overview
-
Upload
anthony-thomas -
Category
Documents
-
view
217 -
download
0
Transcript of Reporter 65 Product Overview
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 1/41
6.5Quest Reporter
Product Overview
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 2/41
© 2011 Quest Software, Inc. ALL RIGHTS RESERVED.
This guide contains proprietary information protected by copyright. The software
described in this guide is furnished under a software license or nondisclosure agreement.This software may be used or copied only in accordance with the terms of the applicable
agreement. No part of this guide may be reproduced or transmitted in any form or by any
means, electronic or mechanical, including photocopying and recording for any purpose
other than the purchaser’s personal use without the written permission of Quest Software,
Inc.
The information in this document is provided in connection with Quest products. No
license, express or implied, by estoppel or otherwise, to any intellectual property right is
granted by this document or in connection with the sale of Quest products. EXCEPT AS SETFORTH IN QUEST'S TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT
FOR THIS PRODUCT, QUEST ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY
EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING,
BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL QUEST BE LIABLE
FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL
DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS,
BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR
INABILITY TO USE THIS DOCUMENT, EVEN IF QUEST HAS BEEN ADVISED OF THEPOSSIBILITY OF SUCH DAMAGES. Quest makes no representations or warranties with
respect to the accuracy or completeness of the contents of this document and reserves the
right to make changes to specifications and product descriptions at any time without
notice. Quest does not make any commitment to update the information contained in this
document.
If you have any questions regarding your potential use of this material, contact:
Quest Software World Headquarters
LEGAL Dept5 Polaris Way
Aliso Viejo, CA 92656
www.quest.com
email: [email protected]
Refer to our Web site for regional and international office information.
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 3/41
Trademarks
Quest, Quest Software, the Quest Software logo, AccessManager, ActiveRoles, Aelita,
Akonix, Benchmark Factory, Big Brother, BridgeAccess, BridgeAutoEscalate,
BridgeSearch, BridgeTrak, BusinessInsight, ChangeAuditor, CI Discovery, Defender,DeployDirector, Desktop Authority, Directory Analyzer, Directory Troubleshooter, DS
Analyzer, DS Expert, Foglight, GPOADmin, Help Desk Authority, Imceda, IntelliProfile,
InTrust, Invirtus, iToken, JClass, JProbe, LeccoTech, LiteSpeed, LiveReorg, LogADmin,
MessageStats, Monosphere, NBSpool, NetBase, NetControl, Npulse, NetPro, PassGo,
PerformaSure, Point, Click, Done!, Quest vToolkit, Quest vWorkSpace, ReportADmin,
RestoreADmin, ScriptLogic, SelfServiceADmin, SharePlex, Sitraka, SmartAlarm, Spotlight,
SQL Navigator, SQL Watch, SQLab, Stat, StealthCollect, Storage Horizon, Tag and Follow,
Toad, T.O.A.D., Toad World, vAutomator, vConverter, vEcoShell, VESI,vFoglight,
vPackager, vRanger, vSpotlight, vStream, vToad, Vintela, Virtual DBA, VizionCore,
Vizioncore vAutomation Suite, Vizioncore vEssentials, Vizioncore vWorkflow,
WebDefender, Webthority, Xaffire, and XRT are trademarks and registered trademarks of
Quest Software, Inc in the United States of America and other countries. Other
trademarks and registered trademarks are property of their respective owners.
Third Party Contributions
Quest Reporter contains some third party components (listed below). Copies of their
licenses may be found on our website athttp://www.quest.com/legal/third-party-licenses.aspx
Quest Reporter Product Overview
Updated - May 2011
Software Version - 6.5
USE COMPONENT LICENSE
Compression Info-Zip 2002-Feb-16 Info-Zip 2007-Mar-4
Compression SharpZipLib 0.84.0.0 SharpZipLib 0.84
Encryption Blowfish v2 MIT 1.0
Logging Log4Net 1.2.10 Apache 2.0
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 4/41
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 5/41
v
CONTENTS
CHAPTER 1
INTRODUCING QUEST R EPORTER . . . . . . . . . . . . . . . . . . . . . . . . 7GETTING THE MOST FROM QUEST REPORTER . . . . . . . . . . . . . . 8
DAY-TO-DAY SECURITY AND STANDARDS ENFORCEMENT . . . . 8
PREPARING FOR AUDITS . . . . . . . . . . . . . . . . . . . . . . . . 9
PREPARING FOR CHANGE . . . . . . . . . . . . . . . . . . . . . . . 9
QUEST REPORTER COMPONENTS . . . . . . . . . . . . . . . . . . . . . .10
QUEST REPORTER CONFIGURATION BASELINING . . . . . . . . . . . .11
QUEST REPORTER FOR NOVELL . . . . . . . . . . . . . . . . . . . . . . .12
QUEST REPORTER EXPRESS . . . . . . . . . . . . . . . . . . . . . . . . .13
MANAGING YOUR NETWORK WITH QUEST REPORTER . . . . . . . . . .14
QUEST REPORTER FEATURES . . . . . . . . . . . . . . . . . . . . . . . .15
REPORT GENERATION . . . . . . . . . . . . . . . . . . . . . . . . .15
MODES OF REPORTING. . . . . . . . . . . . . . . . . . . . . . . . .15
OBJECT SETS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
FAVORITES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
FILTERING . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
LINKING ATTRIBUTES BETWEEN CATEGORIES . . . . . . . . . . .17
MULTIFOREST REPORTING . . . . . . . . . . . . . . . . . . . . . . .17
CHAPTER 2INTRODUCING CONFIGURATION BASELINING . . . . . . . . . . . . . . . 19
OVERVIEW OF CONFIGURATION BASELINING . . . . . . . . . . . . . . .20
WHAT IS THE CONFIGURATION BASELINING WORKFLOW? . . . .22
WHAT IS A CONFIGURATION CHECK? . . . . . . . . . . . . . . . .24
WHAT IS A TEMPLATE?. . . . . . . . . . . . . . . . . . . . . . . . .25
WHAT IS A RULE SET?. . . . . . . . . . . . . . . . . . . . . . . . .26
WHAT IS A RULE? . . . . . . . . . . . . . . . . . . . . . . . . . . .27
CONFIGURATION BASELINING DATABASES . . . . . . . . . . . . .28
NAVIGATING CONFIGURATION BASELINING . . . . . . . . . . . . . . . .29
INTRODUCING THE CONFIGURATION BASELINING ROOT NODE .30INTRODUCING THE TASKPADS. . . . . . . . . . . . . . . . . . . . .30
INTRODUCING THE TEMPLATES NODE . . . . . . . . . . . . . . . .32
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 6/41
vi
INTRODUCING THE RULE SETS NODE . . . . . . . . . . . . . . . .34
INTRODUCING THE JOB MANAGEMENT NODE . . . . . . . . . . . .37
ABOUT QUEST SOFTWARE . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40CONTACTING QUEST SUPPORT . . . . . . . . . . . . . . . . . . . . . . .40
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 7/41
Introducing Quest
Reporter
• Getting the Most from Quest Reporter
• Quest Reporter Components
• Quest Reporter Configuration Baselining• Quest Reporter for Novell
• Quest Reporter Express
• Managing Your Network with Quest Reporter
• Quest Reporter Features
1
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 8/41
Introducing Quest Reporter
8
Getting the Most from QuestReporter
This document has been prepared to assist you in becoming familiar with QuestReporter, a Windows Management product. The Product Overview contains an
overview of the features, components, and functionality of Quest Reporter. It isintended for internal and external auditors, network administrators, consultants,analysts, and any other IT professionals using the product.
Quest Reporter is an invaluable tool for network administrators, security
administrators, IT auditors, and other users in an enterprise network. It providesthe ability to analyze the network, document the configuration, and make
decisions based on the current state of the network.
Quest Reporter helps you administer your network by generating comprehensiveenterprise-wide reports, from both real-time and stored data. Report templatescan be run and exported on a scheduled basis, offering unprecedented flexibility.
The intuitive interface allows users to retrieve necessary data quickly. For
organizations with advanced needs, there are multiple formats for exportingdata to custom applications.
Quest Reporter allows you to collect, compare, report on and resolve ActiveDirectory and Windows-based configurations which is essential for change
auditing, Windows security assessments, or AD pre- and post-migrationanalyses. Armed with this information, you can quickly make strategic andtactical security decisions that involve your Active Directory and Windows
environment.
Day-to-Day Security and StandardsEnforcement
Many organizations have policies and standards prescribing how their IT
environments are managed. These policies cover such areas as user creationand deletion, and group population. Network and security administrators needto know that policies are being followed and standards are being applied
correctly on a daily basis. In large environments, this can be time consuming asthere may be thousands of users, groups, and computers to keep track of. To
prevent security breaches, you can audit your environment frequently usingQuest Reporter.
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 9/41
Quest Reporter
9
Preparing for Audits
The process of preparing for comprehensive IT security audits can be tediousand frustrating. You need tools to demonstrate that the environment is secure
and being managed according to the organizational policies. Quest Reporterprovides the information needed to prepare for a security audit.
Reporter provides report templates that will help you to ensure HIPPA (TheAmerican Health Insurance Portability and Accountability Act of 1996) and SOX
(Sarbanes-Oxley) standards are adhered to.
Preparing for Change
Change in large IT environments must be accomplished quickly and securely,using minimal resources and without any loss of productivity. Quest Reporter
provides the information needed to plan smooth transitions, ensuring thatnothing is overlooked.
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 10/41
Introducing Quest Reporter
10
Quest Reporter Components
Figure 1: Quest Reporter components
The console displays network information. Use the console to select reports,
and configure the Reporter data collectors (RDCs) and object sets.
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 11/41
Quest Reporter
11
The report display component formats the collected information and exports
the information into HTML and other formats such as Adobe PDF (Portable
Document Format) and CSV (Comma Separated Values).
The report engine coordinates all of Quest Reporter’s interaction with its
database. It manages the information going to and coming from the collectionroutines as well as the generation of temporary views containing the actual
report data. The report engine stores the data for the reports. Once the data iscollected, the report engine invokes the report viewer to display the report.
The collection routines are an extensible set of components that QuestReporter uses to enumerate information about network objects and their
attributes.
The database is configured the first time you run Quest Reporter. Use the
Database Setup Wizard to select the target database and to change the data
source at a later time.
The RDC schedules data collection and tracks changes. It stores and
timestamps this information, which is then used to create the reports. The RDCis a special packaging of the collection routines and report engine. It is designed
to facilitate network object data collection from remote locations in highlydistributed environments. Deploying an RDC prevents the need for the RDC
installed on the main console to enumerate information across potentially busyor slow WANs (Wide Area Networks).
For more information on RDC deployment, see the Quest Reporter Installationand Deployment Guide.
Quest Reporter ConfigurationBaselining
Quest Reporter's Configuration Baselining feature provides automatedcomparisons of Active Directory and Windows server configurations against an
ideal baseline. Using this functionality, you can ensure that your environmentmeets security best practices, internal standards and regulatory requirements.
By implementing this solution, IT organizations can maintain operationalefficiencies, lower total cost of server ownership, minimize risks associated with
undocumented configuration changes, and assist in compliance efforts.
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 12/41
Introducing Quest Reporter
12
For information on how to use Configuration Baselining, see the ConfigurationBaselining User Guide. You can access the Configuration Baselining User Guide
from the Documentation tab of the installation program. You can access the
installation program by double-clicking Autorun.exe after you have extracted thezipped files.
Quest Reporter for Novell
Quest Reporter for Novell is an add-on pack for Quest Reporter that offers
administrators the ability to collect and report on Novell networks. The reporttemplates are designed to help organizations plan for their pending migration
from Novell to AD. Reports range from User and Group data to permissions. With
Quest Reporter for Novell, you can also easily perform key critical tasks againstobjects in the NDS/eDirectory environment using action enabled reporting.
You can download Quest Reporter for Novell from the Quest Reporter page of
the Quest Software web site (http://www.quest.com).
See the Quest Reporter for Novell User Guide for information on how to install
the add-on pack and how to run report templates. You can access the Quest
Reporter for Novell User Guide from the Documentation tab of the installationprogram. You can access the installation program by double-clicking
Autorun.exe after you have extracted the zipped files.
For an overview of the features, components, functionality, and workflow of
Configuration Baselining, see “Introducing Configuration Baselining” on page
19.
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 13/41
Quest Reporter
13
Quest Reporter Express
The Quest Reporter Express version is offered as a freeware edition of QuestReporter. It is not supported by our Quest Support team. The following reporting
is available with Express:
• You can run the reports in the Users folder in the console.
• You can create custom reports using the user attributes that are
available.
All other reports can be viewed in the Quest Reporter console but can only berun if you upgrade your license to Quest Reporter.
Not all user attributes are available with the user reports—these reports will
not run.
You cannot run the following three reports in Express:
• Users with NULL Passwords
• Users with NULL Passwords (Agent)
• Last Logon by Domain Controller
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 14/41
Introducing Quest Reporter
14
Managing Your Network with QuestReporter
Quest Reporter provides a streamlined approach to report generation. Insteadof manually checking individual computers, you can gather and summarize data
using Reporter.
Quest Reporter helps you maintain and manage enterprise directories through
security, standards conformance, and general administration reports.
You can use Quest Reporter to perform the following tasks:
• Create reports by selecting objects and containers from ActiveDirectory and Windows NTFS
• Access report templates grouped to match directory object classes
such as users, groups, domains, computers, and Access Control Lists(ACLs)
• Modify predefined report templates to suit your own requirements• Schedule reports to run automatically and save the results to a
location of your choice
• Gather information by installing RDCs in remote offices
• Schedule collections to generate stored data reports later
• Access NTFS report templates to audit users and groups contained in
ACLs, ensuring compliance with your company’s standards forprotecting sensitive data
• Create reports faster with reusable, user-defined selections of network objects (object sets) from one or more domains
• Create a category of favorites to access on a regular basis and share
your list of favorites with other users
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 15/41
Quest Reporter
15
Quest Reporter Features
Quest Reporter is more than just a reporting tool. It is a sophisticated, extensibledata collector with the ability to present collected information in a number of
different formats.
Report Generation
You can run reports in the following ways:
• Selecting objects through the following nodes in the console: ActiveDirectory, IP Subnet, or Object Set
• Running a report template from the Reports or Favorites nodes
• Generating a report using a scheduled favorite
Modes of Reporting
Using Quest Reporter, you can generate reports based on stored or live data.
Live Data Reports
A live data report collects information from the network at the time of runningthe report template. Select a live report template to collect information for thereport immediately. A live data report gathers the latest network information.
For more information on how to generate live reports, see the Quest ReporterUser Guide.
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 16/41
Introducing Quest Reporter
16
Action Enabled Reports
Action enabled reporting is a subcategory of live data report templates that
allows you to update network information within a report. You no longer have toread from the report output as you make changes within another management
tool. Make the changes in the report, and if you have the appropriate rights, theinformation on the network will be updated immediately.
For information on how to generate action enabled reports, see the QuestReporter User Guide.
Stored Data ReportsStored data reports are reports that are generated from previously collecteddata in the database. The data may have been collected by an earlier live report
or from a scheduled collection. Stored data reports take a fraction of the time togenerate compared to live reports.
For information on how to generate stored data reports and configure and
schedule data collection, see the appendix in the Quest Reporter Installation and
Deployment Guide.
Object Sets
An object set is a defined logical container that allows you to group objects in a
convenient manner. An object set can contain specific objects, containers(Organizational Units and groups), or entire domains. An object set can cross
domains.
For example, you may want to run certain reports on users in the Finance
department on a recurring basis but the users exist in multiple places throughoutyour directory. Instead of searching through your directory to find the userseach time you run the report, you can create an object set and then add the
users to the object set. The next time you run the report, you can select the
object set rather than each user in the Finance department.
Favorites
A favorite is a special type of report template that provides a method of retaining
or saving all report properties so that the next time the report runs, there is no
user intervention. You can schedule a favorite to run at any time.
The report attributes saved in a favorite include the following report properties:Objects, Filter, Output, Collection, Attributes, Grouping, and General.
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 17/41
Quest Reporter
17
Filtering
Using a filter, you can narrow the focus of report results by setting certain
criteria on the resultant set of objects.
You can build the filters using the available attributes for each report type, selecta condition (for example, Equals, Is Greater Than), and enter a value for the
filter.
Linking Attributes Between Categories
Attribute linking allows you to select additional attributes of an object that arenot the primary focus of the report. This allows you to customize the
distinguishing attributes of an object in a way that suits your needs.
This provides a means of associating object types and attributes and providingmore meaningful information in your report.
Multiforest Reporting
A single forest deployment is characterized by all of an organization’s network
objects being contained within one forest and a group of domains, whereas amultiforest deployment separates an organization’s network into various forests
and their respective domains. The multiforest deployment is by far the moresecure deployment; however, it can be complex to administer.
Quest Reporter supports multiforest deployments. Domains in multiple forestsare displayed as individual fully-functional nodes that allow you to connect to
and run a single report template on object types from different forests.
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 18/41
Introducing Quest Reporter
18
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 19/41
Introducing Configuration
Baselining• Overview of Configuration Baselining
• What is the Configuration BaseliningWorkflow?
• What is a Configuration Check?
• What is a Template?
• What is a Rule Set?
• What is a Rule?
• Configuration Baselining Databases
• Navigating Configuration Baselining
2
Int od cing Config ation Baselining
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 20/41
Introducing Configuration Baselining
20
Overview of ConfigurationBaselining
Quest Reporter enables IT organizations to collect, compare, report on, andresolve Active Directory and Windows-based configurations, which is essential
for change auditing, Windows security assessments, or AD pre- andpostmigration analyses. Armed with this information, organizations can quicklymake strategic and tactical security decisions that involve their Active Directory
and Windows environments.
Figure 2: Quest Reporter collects, compares, and reports on AD and
Windows-based configurations.
The compare capabilities are provided through Quest Reporter’s ConfigurationBaselining feature. Quest Reporter’s Configuration Baselining feature providesautomated comparisons of Active Directory and Windows configurations against
an ideal baseline. By implementing this solution, IT organizations can maintainoperational efficiencies, lower total cost of server ownership, minimize risks
associated with undocumented configuration changes, and assist in complianceefforts.
Quest Reporter’s Configuration Baselining feature leverages Quest Reporter’s
agent-less architecture, which minimizes typical deployment concerns of ease of installation and configuration. Quest Reporter’s Configuration Baselining feature
is tightly integrated with the core components of Quest Reporter and leveragesthe collection and storage mechanism to gather state-based information aboutyour environment.
Quest Reporter
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 21/41
Quest Reporter
21
The Quest Reporter Configuration Baselining feature introduces two additionaldatabases to the architecture. The first is the Configuration Baselining
Configuration Database — this stores configuration information for the
Configuration Baselining feature such as templates, rule sets, rules, andconfiguration checks. The second database is the Configuration Baselining
Results Database. This database stores the results of the configuration checks.The Configuration Check Processor (CCP) leverages all three databases.
The CCP leverages the baseline configuration database to get details of the idealbaseline you want evaluated. It then evaluates the ideal baseline against theQuest Reporter analytical database which contains the current configuration
state information for your environment. After the evaluation is performed, theresults are saved to the Configuration Baselining Results Database.
Through the Quest Reporter’s Configuration Baselining user interface, you can
initiate live data collections for your live configuration checks or runconfiguration checks against stored data that has already been gathered from
Quest Reporter’s scheduled collection mechanism. There is great value in thisintegration as the data can be collected once and is used for both general
reporting and comparison capabilities. This minimizes all of the typical concernswith having to collect the information from your environment multiple times for
these independent and siloed processes.
For information on how to install and deploy Quest Reporter, see the Quest
Reporter Installation and Deployment Guide.
Introducing Configuration Baselining
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 22/41
Introducing Configuration Baselining
22
What is the Configuration BaseliningWorkflow?
The following diagram shows the overall Configuration Baselining workflow:
Figure 3: The four steps in the Configuration Baselining workflow: establish,
collect, compare, and view.
Step 1: Establish Baseline
This is the establishment of your ideal baseline. Configuration Baselining comes
with out of the box baselines based on the Center for Internet SecurityBenchmarks and Microsoft Best Practices. You can easily create your own
baselines by either copying the existing out of box baselines or creating yourown. You can create baselines based on the following categories: domain
information, groups and users, computer information, and permissions. Formore information on how to establish baselines, see the Configuration BaseliningUser Guide.
Quest Reporter
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 23/41
Qu s po
23
Step 2: Collect Data
After you have created your ideal baseline, which could encompass a single
template or multiple templates, Configuration Baselining needs to collect thepertinent data from your environment. This process is facilitated through QuestReporter’s live and scheduled data collection mechanism. After this process hasbeen performed, Configuration Baselining now has the state-based information
that can be used for comparison. For more information on how to collect data,
please refer to the Quest Reporter User Guide.
Step 3: Compare Baseline Versus Data
Quest Reporter’s Configuration Baselining feature will now compare what is inthe ideal baseline that you created in Step 1 against the pertinent information
that Configuration Baselining collected in Step 2 from your environment. Thisprocess is performed by the Configuration Check Processor. For more
information on how to perform a configuration check, see the ConfigurationBaselining User Guide.
Step 4: View Results and Perform Appropriate Action
After the Configuration Check Processor is finished processing the configurationcheck, the results of the configuration check are stored in the Configuration
Baselining Results database. These results are dynamic and are displayed insummary and detailed fashion through the Quest Reporter ConfigurationBaselining user interface. You can use this information to remediate the
non-compliant objects. Configuration Baselining also provides you with theability to export results for easier distribution purposes. For more information onviewing the results, see the Configuration Baselining User Guide.
For ease of use, Quest Reporter’s Configuration Baselining feature provides
you with the ability to perform configuration checks based on live data, which
results in a merging of steps 2 and 3 of the workflow. You should use live
data as the basis for running ad hoc configuration checks of your network.
For example, if you are asked to check if the latest Windows critical update
has been installed on all of your Windows Server 2003 computers, you can
run a configuration check based on live network data to determine
immediately what computers have not been updated.
You should use stored data as the basis for running regularly scheduled
configuration checks of your network as part of your internal auditing
activities. For example, if several new Windows Server 2003 computers have
been brought online in your network, you can schedule a configuration check
to run on stored network data that is collected weekly to determine if these
new servers adhere to the configuration settings established by your
company's server hardening policies.
Introducing Configuration Baselining
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 24/41
24
What is a Configuration Check?
A configuration check is the main component of Configuration Baselining. It
determines the level of compliance of your network objects by comparing themagainst a baseline. A baseline is represented by one or more templates inConfiguration Baselining. To check the compliance of your network objects, youwill create and schedule configuration checks based on predefined templates or
based on templates that you create or import.
Figure 4: A configuration check compares network objects against a template
(baseline).
Example Configuration Check
The following example configuration check will compare two objects against one
template on a weekly basis using live data:
NAME OBJECTS TEMPLATE FREQUENCY DATA
SerRules Server1, Server2 Windows Server 2003 Weekly Live
Quest Reporter
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 25/41
25
What is a Template?
A template contains the settings that Configuration Baselining uses to evaluate
objects and determine if they comply with your company’s standards, profiles,and policies. A template contains rule sets and rule sets are made up of rules.
Figure 5: A template is made up of rule sets and rule sets contain rules.
You can use one of the predefined templates that come with ConfigurationBaselining, you can create your own template, you can import one created by
another user, or you can import one from an .inf file.
Example Custom Template
The following example custom template contains two rule sets and each rule set
contains two rules:
TEMPLATE NAME RULE SETS RULES
Windows Server 2003 General Computer
Rules
DNS Search Order List
Memory Capacity in Bytes
Effective Computer
Settings
Check Maximum System Log
Size
Check Password Age
Introducing Configuration Baselining
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 26/41
26
What is a Rule Set?
A rule set is a logical grouping of one or more rules. Rule sets can contain rules
from many different attribute categories and they can help you maximize thereusability of rules because they can be shared across templates.
Figure 6: A rule set is a container for rules.
You can use the predefined rule sets that are included with the predefined
templates or you can create your own custom rules sets.
You can also apply a filter to a rule set to limit the scope of the Active Directorydomains or computers that are checked against the baseline.
Example Custom Rule Sets
The following example rule sets each contain two rules:
RULE SET NAME RULES
General Computer Rules DNS Search Order List
Memory Capacity in Bytes
Effective Computer Settings Check Maximum System Log Size
Check Password Age
Quest Reporter
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 27/41
27
What is a Rule?
A rule is a combination of attributes, conditions, and values. Rules form the basis
of the configuration check and they are what your configuration items arechecked against. Each rule can only contain attributes from one attributecategory, such as BIOS or NTFS Files. If you want to check the values of attributes across multiple attribute categories, you will have to create or use
multiple rules.
Figure 7: A rule is made up of attributes, conditions, and values.
You can use the predefined rules that the predefined templates contain or youcan create your own custom rules.
You can also apply a filter to a rule to limit the number of configuration items
that are checked against the rule and to determine the existence of specific
attribute values.
Example Rules
Three of the following example custom rules each contain one attribute, onecondition, and one value. The fourth example contains two attributes, twoconditions, and two values:
RULE NAME ATTRIBUTE CONDITION VALUE
DNS Search Order List CIMV2.Network Adapter
Description [WMI]
equals WAN Miniport
(PPPoE)
Memory Capacity in
Bytes
CIMV2.Physical Memory
Speed [WMI]
equals 2000
Check Maximum System
Log Size
System Log Max Size is less than 16
Introducing Configuration Baselining
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 28/41
28
Configuration Baselining Databases
Configuration Baselining stores data in two separate databases:
• Configuration Baselining Configuration database
• Configuration Baselining Results database
Configuration Baselining Configuration Database
The Configuration Baselining Configuration database contains all of thepredefined content that ships with Configuration Baselining and all of the custom
content you create (configuration checks, templates, rule sets, rules, filters, andcategories) when using Configuration Baselining. After you have successfullyinstalled Quest Reporter, the Quest Reporter Database Setup Wizard guides you
through the set up of the Configuration Baselining Configuration database. Youhave the option to create a new database or select an existing one. The
Configuration Baselining Configuration database is created when you click Nexton the Configuration Baselining Database page of the Database Setup Wizard.
Configuration Baselining Results Database
The Configuration Baselining Results database contains the results data from allconfiguration checks that have run. This database is automatically created by
Configuration Baselining at the same time as the Configuration Baseliningdatabase is created. To distinguish the two databases, the word Results is added
Check Password Age Maximum Password Age
(expires in x days)
equals 90
Minimum Password Age
(changed after x days)
equals 5
If you already have a large Quest Reporter database (collected data), then
you should consider using a second database server for the Configuration
Baselining databases. This will help increase scalability and improve the
performance of Configuration Baselining. You can use the Quest ReporterDatabase Setup Wizard to change the location of the Configuration Baselining
databases.
RULE NAME ATTRIBUTE CONDITION VALUE
Quest Reporter
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 29/41
29
to the end of the name of the Configuration Baselining Configuration database.For example, if you entered ConfigurationBaseliningApril17 as the name of the
Configuration Baselining Configuration database in the Database Setup Wizard,
the following databases would be created:• ConfigurationBaseliningApril17
• ConfigurationBaseliningApril17Results
The configuration check results data that is stored in the ConfigurationBaselining Results database is displayed for you in four different views that are
accessible from the Configuration Check Results node in Configuration
Baselining: Summary View, Object View, Template View, and Detailed View.These views provide different levels of detail about the configuration check
results and the data in these views can be filtered and exported. For moreinformation on viewing the results of configuration checks, see the ConfigurationBaselining User Guide.
Navigating ConfigurationBaselining
Quest Reporter’s Configuration Baselining feature is a Microsoft® ManagementConsole (MMC) snap-in. The Configuration Baselining root node is a subnode of the Quest Reporter node.
The default MMC console consists of a window divided into two panes: the left
pane displays the console tree and the right (or main) pane displays the homepages or summary pages for the nodes or objects selected in the left pane (the
console tree).
After you have installed Quest Reporter, Configuration Baselining appears as anode in the console tree in the left pane.
Introducing Configuration Baselining
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 30/41
30
Introducing the Configuration BaseliningRoot Node
You can access the Configuration Baselining root node by expanding the QuestReporter node in the MMC console tree and clicking the Configuration Baselining
node.
The Configuration Baselining root node is the main access point for the threemain Configuration Baselining nodes: Templates, Rule Sets, and JobManagement. The Configuration Baselining root node and the three subnodes all
have home pages that are displayed in the main pane (right pane) when youselect the node in the console tree (left pane).
Introducing the Taskpads
When you select the Configuration Baselining node in the console tree in the left
pane, the Out of the box content taskpad is displayed in the main pane (rightpane). If you click the tab at the bottom of the main pane, you can switch to the
Build new content taskpad.
Quest Reporter
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 31/41
31
You can use these taskpads as your starting point for easily creating andscheduling configuration checks. These taskpads are a great place to start from
if you are new to Configuration Baselining.
Which Taskpad Should I Use?
You should select the Out of the box content taskpad if you want to create andschedule a configuration check based on the predefined templates that comewith Configuration Baselining. The predefined templates are based on the
following industry benchmarks and security templates and guidelines: Center forInternet Security (CIS) Benchmarks and Microsoft security templates andguidelines. For more information on the predefined templates, see the
Configuration Baselining User Guide.
You should use the Build new content taskpad if you want to create and schedulea configuration check based on templates, rule sets, and rules that you define
and create.
One of the main goals of the taskpads is to help you learn how to use
Configuration Baselining and to help you learn how Configuration Baselining
works. When you use the Build new content taskpad as your starting point,
the first step in building new content is the creation of a rule using the Rule
Wizard. Once you become more comfortable using Configuration Baselining,
you will start using the nodes in the treeview as your starting point when
creating new content. When you start to use the nodes, you will notice that
you cannot create a rule without first creating a rule set. This means that the
workflow is slightly different depending on your starting point.
If you create new content from the Build new content taskpad, you will
create a rule first and then you will create a rule set and then a template. If
you create new content from the nodes in the treeview, you will normally
create a template first and then a rule set and then rules.
For more information on using the nodes to create custom content , see
“Introducing the Templates Node” on page 32 and “Introducing the Rule Sets
Node” on page 34.
TASKPAD STEPS TO CREATE A CONFIGURATION CHECK
Out of the box content If you use the Out of the box content taskpad as your
starting point, you will perform the following steps:
1. Create and schedule a configuration check based on
predefined templates.
2. View the properties and results of the configuration
check that you created and scheduled in step 1.
Introducing Configuration Baselining
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 32/41
32
The wizards that you use to perform tasks though the taskpad are the samewizards that you use to create templates, rule sets, and rules through the
Templates node and the Rule Sets node. For detailed step-by-step instructionson how to use these wizards, see the Configuration Baselining User Guide.
Introducing the Templates Node
You can access the Templates node by expanding the Configuration Baselining
node under the Quest Reporter node in the MMC console tree.
The Templates node contains template categories and templates, providing you
with a starting point for creating custom templates and for creating and
scheduling configuration checks. If you right-click the Templates node, you can
• Import templates
• Export templates
• Create new template categories
• Create new templates
Templates Home Page
When you select the Templates node in the console tree, the Templates homepage is displayed in the main pane. From this home page, you can createtemplates and you can create and schedule configuration checks. For more
information, see the Configuration Baselining User Guide.
Build new content If you use the Build new content taskpad as your starting
point, you will perform the following steps:
1. Create rules.
2. Create a rule set for the rules you created in step 1.
3. Create a template that contains the rule set you
created in step 2.
4. Create and schedule a configuration check based on
the template you created in step 3.
5. View the properties and results of the configurationcheck that you created and scheduled in step 4.
TASKPAD STEPS TO CREATE A CONFIGURATION CHECK
Quest Reporter
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 33/41
33
Template Categories
The Templates node contains template categories and templates. When you
select a template category under the Template node, the main pane shows thenames and descriptions of the templates in that category. Template categoriesalready exist for the predefined content and they are automatically created whenyou import a template. You can also create your own template categories to help
you organize the custom templates that you create. For more information, see
the Configuration Baselining User Guide.
If you right-click a template category, you can
• Import templates
• Export templates
• View the name and description of the template category
• Create new template categories
• Create new templates
You can also cut, copy, delete, and rename template categories by right-clickingthem and selecting the appropriate option.
Templates
If you right-click a template, you can
• Export it
• View its properties
• Create new configuration checks
• Create new rule sets
You can also cut, copy, delete, and rename templates by right-clicking them andselecting the appropriate option.
Templates Summary Page
When you select a template under the Templates node or under a templatescategory, the main pane displays the summary page for that template. This page
shows the name and description of the template at the top and it has twosections: Rule Set Tasks and Configuration Check Tasks.
If you expand the Rule Set Tasks section of the summary page, you can
• View the names and descriptions of the rule sets contained in thetemplate
Introducing Configuration Baselining
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 34/41
34
• Create a new rule set
• Add rule sets to the template
• Remove rule sets from the template
• View the properties of a selected rule set
If you expand the Configuration Check Tasks section of the summary page, youcan
• View the names and descriptions of any configuration checks that areassociated with the template
• Create a new configuration check
• View the properties of a selected configuration check
For more information on using the summary page to modify a custom template,see the Configuration Baselining User Guide.
Introducing the Rule Sets Node
You can access the Rule Sets node by expanding the Configuration Baselining
node under the Quest Reporter node in the MMC console tree.
The Rule Sets node contains rule set categories and rule sets and it provides youwith a starting point for creating custom rule sets, rules, and filters.
If you right-click the Templates node, you can
• Manage filters
• Create new rule set categories
• Create new rule sets
Quest Reporter
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 35/41
35
Rule Sets Home Page
When you select the Rule Sets node in the console tree, the Rule Sets home page
is displayed in the main pane. From this home page, you can create custom rulesets, filters for rules sets, and custom rules. For more information, see theConfiguration Baselining User Guide.
Rule Set Categories
The Rule Sets node contains rule set categories and rule sets. When you selecta rule set category under the Rule Sets node, the main pane shows the names
and descriptions of the rule sets in that category. Rule set categories alreadyexist for the predefined content and they are automatically created when youimport a template. You can also create your own rule set categories to help you
organize the custom templates that you create. For more information, see theConfiguration Baselining User Guide.
If you right-click a rule set category, you can
• View the name and description of the rule set category• Create new rule set categories
• Create new rule sets
You can also cut, copy, delete, and rename rule set categories by right-clicking
them and selecting the appropriate option.
Rule Sets
If you right-click a rule set , you can
• View its properties
• Create new rules
• Create new filters
• Create new templates
You can also cut, copy, delete, and rename rule sets by right-clicking them andselecting the appropriate option.
Introducing Configuration Baselining
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 36/41
36
Rule Set Summary Page
When you select a rule set under the Rule Sets node or under a rule set category,
the main pane displays the summary page for that rule set. This page shows thename and description of the rule set at the top and it has three sections: RuleTasks, Filter Tasks, and Template Tasks.
If you expand the Rule Tasks section of the summary page, you can
• View the names and descriptions of the rules contained in the rule set
• Create a new rule
• Add rules to the rule set
• Delete rules from the rule set
• Create a copy of a rule
• View the properties of a selected rule
If you expand the Filter Tasks section of the summary page, you can
• View the names and descriptions of the filters applied to the rule set
• Create a new filter
• Add filters to the rule set
• Remove filters from the rule set
• Create a copy of a filter
• View the properties of a selected filter
If you expand the Template Tasks section of the summary page, you can
• View the names and descriptions of the templates that contain therule set
• Create a new template
• Add the rule set to a template
• Remove the rule set from a template
• View the properties of a selected template
For more information on using the summary page to modify a custom rule set,
see the Configuration Baselining User Guide.
Quest Reporter
I t d i th J b M t N d
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 37/41
37
Introducing the Job Management Node
You can access the Job Management node by expanding the Configuration
Baselining node under the Quest Reporter node in the MMC console tree.
The Job Management node contains the Scheduled Configuration Checks nodeand the Configuration Check Results node. You can use these nodes to manage
your scheduled configuration checks and to view the results of all configurationchecks that have run.
Job Management Home Page
When you select the Job Management node in the console tree, the JobManagement home page is displayed in the main pane. From this home page,
you can manage scheduled configuration checks, view the results of configuration checks, and create and schedule a new configuration check. For
more information, see the Configuration Baselining User Guide.
Scheduled Configuration Checks NodeWhen you select the Scheduled Configuration Checks node, the main pane (rightpane) displays scheduled configuration checks in the upper pane. When you
select a scheduled configuration check in the upper pane, each individual run of
that configuration check is displayed in the lower pane. The lower pane will beempty if the configuration check you select in the upper pane has not run yet.
You can view and edit the properties of each schedule configuration check byright-clicking a configuration check in the upper pane and selecting theappropriate option. For more information, see the Configuration Baselining User
Guide.
You can also view and manage each individual, historical run of a configurationcheck by right-clicking a historical run in the lower pane and selecting the
appropriate option.
If you right-click the Scheduled Configuration Checks node, you can create a
new configuration check.
Introducing Configuration Baselining
Configuration Check Results Node
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 38/41
38
Configuration Check Results Node
When you select the Configuration Check Results node, the main pane (right
pane) displays the results for all of the configuration checks that have run in fourdifferent views: Summary View, Object View, Template View, and Detailed View.For more information on viewing the results, see the Configuration BaseliningUser Guide.
You can also filter and export the results.
Quest Reporter
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 39/41
39
About Quest Software
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 40/41
40
About Quest Software
Quest Software simplifies and reduces the cost of managing IT for more than
100,000 customers worldwide. Our innovative solutions make solving thetoughest IT management problems easier, enabling customers to save time and
money across physical, virtual and cloud environments. For more informationabout Quest go to www.quest.com.
Contacting Quest
Refer to our Web site for regional and international office information.
Contacting Quest Support
Quest Support is available to customers who have a trial version of a Questproduct or who have purchased a Quest product and have a valid maintenance
contract. Quest Support provides unlimited 24x7 access to SupportLink, our
self-service portal. Visit SupportLink at http://support.quest.com.
From SupportLink, you can do the following:
• Retrieve thousands of solutions from our online Knowledgebase
• Download the latest releases and service packs
• Create, update and review Support cases
View the Global Support Guide for a detailed explanation of support programs,
online services, contact information, policies and procedures. The guide isavailable at: http://support.quest.com.
Email [email protected]
Mail Quest Software, Inc.World Headquarters
5 Polaris WayAliso Viejo, CA 92656USA
Web site www.quest.com
Quest Reporter
8/3/2019 Reporter 65 Product Overview
http://slidepdf.com/reader/full/reporter-65-product-overview 41/41
41