Skip to content
SecPod  – Documentation
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO
  • Toggle website search
Search this website
Menu Close
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO
  • Toggle website search
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO

Saner Platform

  • Saner Platform Release Notes
    • Release Notes Saner 6.4.1
    • Release Notes SanerNow 6.4
    • Release Notes SanerNow 6.3.1
    • Release Notes SanerNow 6.3
    • Release Notes SanerNow 6.2.1
    • Release Notes SanerNow 6.2.0.3
    • Release Notes SanerNow 6.2.0.1
    • Release Notes SanerNow 6.2
    • Release Notes SanerNow 6.1.1
    • Release Notes SanerNow 6.1
    • Release Notes SanerNow 6.0
    • Release Notes SanerNow 5.3.1
    • Release Notes SanerNow 5.3
    • Release Notes SanerNow 5.2
    • Release Notes SanerNow 5.1
    • Release Notes SanerNow 5.0
    • Release Notes SanerNow 4.8.0.0
    • Release Notes SanerNow 4.7.0.0
    • Release Notes SanerNow 4.6.0.0
    • Release Notes SanerNow 4.5.0.0
    • Release Notes SanerNow 4.4.0.0
    • Release Notes SanerNow 4.3.0.0
    • Release Notes SanerNow 4.2.2.1
    • Release Notes SanerNow 4.2.2.0
    • Release Notes SanerNow 4.2.1.0
    • Release Notes SanerNow 4.2.0.0
    • Release Notes SanerNow 4.1.1.0
    • Release Notes SanerNow 4.0.0.5
  • Saner Platform Guide
    • Saner Platform Function Guides
    • Saner Device Management User Guide
  • FAQs
    • Saner CVEM Technical FAQs
  • How Tos
    • General
      • How to increase the subscription count for an Account in Saner CVEM
      • How to increment license count for an Organization in Saner CVEM
      • How to provision Saner tools for an Organization
      • How to change subscription type in Saner CVEM
      • How to sign-up with Saner CVEM?
      • How to create a new account in Saner CVEM?
      • How to create a new user in Saner CVEM?
      • How to enable SSO authentication policy in Saner CVEM?
      • How to set alerts in SanerNow?
      • How to view, download and filter the audit logs?
      • How to designate Saner Agent to perform network scan?
      • How to Co-Brand with your logo?
      • How to fetch the details of the mandatory fields from the Okta account?
      • How to create MFA policy for Okta?
      • How to fetch the details of the mandatory fields from the PingID account?
      • How to create MFA policy for PingID?
      • How to fetch the details of the mandatory fields from the PingOne account?
      • How to create MFA policy for PingOne?
      • How to download and install Saner Agent in Mac?
      • How to download and install Saner agent in Linux?
      • How to download and install the Saner agent in Windows?
      • How to update the expiry date of an existing subscription?
      • How to manage users and their preferences using role-based access?
      • How to uninstall SanerNow Agent using SanerNow Offline deployer tool.
      • How to onboard a new organization?
      • How to deploy SanerNow Agent using SanerNow Offline deployer tool.
      • How to install a Saner agent through the command line?
      • How to uninstall the Saner agent through command line?
    • Saner Reports
      • How to configure mail settings to email Report PDF?
      • How to create a custom report in SanerNow?
      • How to schedule for the report back up?
    • Saner Device Management
      • How to create custom groups in Saner CVEM
    • Saner Mail Settings
      • How to create new mail settings in Saner?
      • How to use OAuth-enabled authentication in Saner mail settings
      • How to create OAuth Client ID and Client Secret for Gmail
      • How to create OAuth Client ID and Client Secret for Microsoft 365.
  • Supported OSs and Platforms
    • Operating Systems and Platforms Supported
    • Supported Third-party Applications for Patching

Saner Cloud

  • Before You Begin
    • Glossary of Terms
    • Read me First
  • Get Started
    • Saner Cloud Deployment Guides
      • Azure Onboarding
      • Troubleshooting
      • Get Started with Saner CNAPP AWS Cloud Deployment V1.0
      • Onboarding with AWS Credentials(Least Recommended Method)
      • Onboarding with AWS Role(Manual)
      • Onboarding with AWS Role CloudFormation (Automatic): Recommended
    • Roles and Permissions
      • Roles and Permissions for AWS Remediation Access
      • Roles and Permissions for Azure Onboarding, Detection, and Remediation
  • Learn About
    • Excessive Permission Categories Evaluated Across Different Cloud Services
    • Publicly Accessible Resources
    • Patch Aging and Patch Impact
    • SecPod Default Benchmarks
    • Watchlists
    • Cloud Workload Protection Platform(CWPP)
    • Overview of Report Views in Saner Cloud
    • Whitelisting Resources
    • Seamless User Interaction with Saner Plasma AI Assistant
    • Critical Events to Monitor in AWS
    • High-Privilege Actions in Critical Activity Logs for AWS
    • Audit Logs in Saner Cloud
    • Excessive Permissions
    • Alerts in SanerCloud
  • User Guides
    • Cloud Security Remediation Management(CSRM) User Guide
    • Cloud Infrastructure Entitlement Management(CIEM) User Guide
    • Cloud Security Posture Anomaly(CSPA) User Guide
    • Cloud Security Asset Exposure(CSAE) User Guide
    • Cloud Security Posture Management(CSPM) User Guide
  • Tell Me How
    • Protected: How to Manage Report Views at Organization-level in Saner Cloud?
    • How to Get a Cohesive View from Saner Cloud Unified Dashboard?
    • How to Use Tags to Quickly Filter Resources?
    • How to Troubleshoot Issues with Audit Logs?
    • How to Manage Groups and Tags in Saner Cloud?
    • How to Manage Report Views for a User Account in Saner Cloud?
    • How to Troubleshoot or Analyze with Critical Activity Logs?
    • How to Setup Alerts Across SanerCloud Tools?
    • How to Take Action on Alert Notifications from SanerCloud?
    • CSAE
      • How to Setup Watchlist Configuration for a Resource?
      • How to Identify Outdated Resources for Cleanup?
      • How does Resource Categorization Work in Saner CSAE?
      • How to Identify Resources Exposed to External Network?
      • How to Understand the Resource Footprint Globally Across Various Regions?
      • How to Make Informed Decisions on Your Expenditure based on Resource Usage Graph?
    • CSPM
      • How to Setup Benchmarks in Saner CSPM?
      • How to Use Quick Evaluation Benchmarks?
      • How to Detect Patterns over a Period with Resource Trends?
      • How to Assess System Compliance and Security Posture?
    • CSPA
      • How to Initiate Patch Remediation from CSPA Dashboard?
      • How to Quickly Identify the Detected and Remediated Anomalies for an Account?
      • How to Prioritize Remediation or Fixes based on Confidence Levels?
      • How to Examine the Overall Anomaly Information for Specific Rules or Checks?
      • How to Search and Retrieve Anomaly Data?
      • How to Whitelist Rules or Resources in Cloud Security Scans?
    • CIEM
      • How to See the Active Version for an IAM Policy?
      • How to Troubleshoot or Analyze with Critical Activity Logs?
      • How to View by Type and Usage for any Identity in CIEM?
      • How to Get Visibility into Cloud Entitlements?
      • How to Use Evidence to Address Policies with Excessive Permission?
      • How to Know the Excessive Permissions on a Specific Service?
      • How to Visually See the Relationship between Identity, Entitlement, Policy, or Permission?
      • How to Determine if a Policy has Excessive Permission?
      • How to Initiate Patch Remediation from CIEM Dashboard?
    • CSRM
      • Protected: How to Configure Automation Rule to Remediate Misconfigurations?
      • How to Create a Patching Task for Items Currently in “Approval Pending” State?
      • How to Evaluate Remediation Effort with Patching Impact Chart?
      • How to Prioritize and Address Older or High-Risk Anomalies with Patch Aging?
      • How to Monitor the Overall Status of the Remediation Job?
      • How do I Get to Know the Regions Impacted by a Specific Rule?
      • How to View the Severity of a Missing Patch Affected by a Rule?
      • How to Address Missing Patches Via Remediation Tasks?
      • How to Quickly Access the Necessary Tool for Remediation and Begin Patching Tasks?
  • Frequently Asked Questions
    • Saner Cloud Technical FAQs
  • Saner Cloud Release Notes
    • Saner Cloud – V.1.0 Release Notes
  • Security Intelligence for Saner Cloud
    • Infrastructure Entitlement Checks in AWS and Azure
      • Implementing Infrastructure Entitlement Checks in Azure
      • Implementing Infrastructure Entitlement Checks in AWS
    • Posture Anomaly Checks in AWS and Azure
      • Implementing Posture Anomaly Checks in AWS
      • Implementing Posture Anomaly Checks in Azure
    • Benchmark Compliance Rules in AWS and Azure
      • Implementing Benchmark Compliance Rules in Azure
      • Implementing PCI DSS 3 2 1 Regional in AWS
      • Implementing CIS 3 0 0 in AWS
      • Implementing HIPAA HITRUST Rules
      • Implementing PCI DSS 3 2 1 Global Rules in AWS
      • Implementing NIST 800 53 rev 5 Global Rules in AWS
      • Implementing SecPod Global Rules in AWS
      • Implementing CIS 3 0 0 Regional in AWS
      • Implementing CIS 4 0 0 Regional
      • Implementing SOC 2 in AWS
      • Implementing CIS 4 0 0 in AWS
      • Implementing NIST 800 53 rev 5 Rules in AWS
      • Implementing SecPod Regional Rules in AWS
      • Implementing SecPod Default Rules in AWS
      • Implementing NIST 800 53 rev 5 Regional in AWS
      • Implementing PCI DSS 3 2 1 in AWS
      • Implementing CIS 4 0 0 Global in AWS
      • Implementing CIS 3 0 0 Global Rules in AWS
      • Implementing SOC 2 Global Rules in AWS
      • Implementing SOC 2 Regional Rules in AWS

Saner CVEM

  • Saner CVEM Release Notes
    • Release Notes Saner 6.4.1
    • Release Notes SanerNow 6.4
    • Release Notes SanerNow 6.3.1
    • Release Notes SanerNow 6.3
    • Release Notes SanerNow 6.2.1
    • Release Notes SanerNow 6.2.0.3
    • Release Notes SanerNow 6.2.0.1
    • Release Notes SanerNow 6.2
    • Release Notes SanerNow 6.1.1
    • Release Notes SanerNow 6.1
    • SanerNow Risk Prioritization Launch
    • Release Notes SanerNow 6.0
    • Release Notes SanerNow 5.3.1
    • Release Notes SanerNow 5.3
    • Release Notes SanerNow 5.2
    • Release Notes SanerNow 5.1
    • Release Notes SanerNow 5.0
    • Release Notes SanerNow 4.8.0.0
    • Release Notes SanerNow 4.7.0.0
    • Release Notes SanerNow 4.6.0.0
    • Release Notes SanerNow 4.5.0.0
    • Release Notes SanerNow 4.4.0.0
    • Release Notes SanerNow 4.3.0.0
    • Release Notes SanerNow 4.2.2.1
    • Release Notes SanerNow 4.2.2.0
    • Release Notes SanerNow 4.2.1.0
    • Release Notes SanerNow 4.2.0.0
    • Release Notes SanerNow 4.1.1.0
    • Release Notes SanerNow 4.0.0.5
  • Saner CVEM Guide
    • What’s New in Saner CVEM?
    • Getting Started with Saner CVEM
    • Pre-requisites for Saner CVEM Deployment
    • How does Saner CVEM’s deployment architecture work?
  • Saner CVEM Products
    • Overview of Saner Continuous Vulnerability and Exposure Management
    • Saner CVEM Unified Dashboard User Guide
    • Saner CVEM Asset Exposure User Guide
    • Saner CVEM Continuous Posture Anomaly Management User Guide
    • Data Points IT teams can Fetch from Saner CPAM
    • Posture Anomaly Computation Rules
    • Saner CVEM Vulnerability Management User Guide
    • Saner CVEM Compliance Management User Guide
    • Saner CVEM Risk Prioritization User Guide
    • Saner CVEM Patch Management User Guide
    • Saner CVEM Endpoint Management User Guide
    • Saner CVEM Remote Access User Guide
    • Saner CVEM Network Scanner User Guide
    • Saner CVEM Cyber Hygiene Score User Guide
  • How Tos
    • Saner AE
      • How to blacklist and whitelist applications in Saner AE?
      • How to manage asset licenses using Saner AE?
      • How to run an asset scan using Saner AE?
    • Saner CPAM
      • How to create new response in PA tool?
      • How to build your own detection and response in PA tool?
      • How to whitelist an entire PA ID?
      • How to configure Posture Anomaly tool for custom detection?
      • How to fix Anomalies from PA dashboard?
      • How to fix anomalies detected in your account from All Anomalies Page?
      • How to fix anomalies from PA Summary page?
      • How to delete PA scan preferences?
      • How to schedule PA Scans on Daily, Weekly, and Monthly basis?
      • How to launch Posture Anomaly scans?
    • Saner VM
      • How to automate and schedule vulnerability scans?
      • How to exclude vulnerabilities in Saner VM tool
      • How to manage excluded vulnerabilities in Saner VM?
      • How to remediate vulnerabilities from vulnerability management dashboard?
    • Saner CM
      • How to align with NIST 800-53 security compliance management?
      • How to align with NIST 800-171 security compliance management?
      • How to align with PCI security compliance management?
      • How to custom create a security policy?
      • How to run a compliance scan?
      • How to align with HIPAA security compliance management using Saner CM?
    • Saner PM
      • How to fix firmware in Saner?
      • How to exclude patches in Saner PM?
      • How to manage excluded patches in Saner PM?
      • How to automate patch management in Saner PM?
      • How to roll back patches in Saner PM?
      • How to specify Service Level Agreement (SLA) using Remediation SLA in Saner PM?
      • How to apply missing patches in Saner PM?
      • How to apply the most critical patches in Saner PM?
      • How to perform custom remediation for applications that require paid patches using Saner PM
      • How to check the status of patching activity?
    • Saner EM
      • How to check wireless security in Windows systems?
      • How to collect all open ports in Windows systems?
      • How to check all firewall policies on Windows systems?
      • How to collect all the applications with an unknown publisher in Mac systems?
      • How to investigate DNS cache on Windows systems?
      • How to collect all the applications with an unknown publisher in Linux systems?
      • How to collect all software licenses in Windows systems?
      • How to collect environment variables set in all operating systems?
      • How to collect ARP entries that are created when a hostname is resolved to an IP address and then to a MAC addressing Windows?
      • How to collect all families of operating systems such as Windows, Unix, and macOS?
      • How to collect all software licenses in Mac systems?
      • How to collect DNS information on Windows systems?
      • How to identify potentially unwanted programs such as torrent downloaders or unnecessary toolbars running on Windows systems?
      • How to collect all the applications with an unknown publisher in Windows systems?
      • How to collect all network interfaces in Windows systems?
      • How to collect a list of applications that are started when you boot your computer?
      • How to delete and quarantine a file?
      • How to collect mounted disk information on Linux systems?
      • How to check wireless signal quality in Windows systems?
      • How to perform system tuning?
      • How to collect ARP entries that are created when a hostname is resolved to an IP address and then to a MAC addressing in Linux?
      • How to collect all Dynamic Host Configuration Protocol (DHCP) information on Linux systems?
      • How to collect DNS information on Linux systems?
      • How to check all firewall policies on Linux systems?
      • How to check wireless security in Linux systems?
      • How to check wireless signal quality in Linux systems?
      • How to collect all the important missing patches in Windows systems?
      • How to collect all installed patches in Windows systems?
      • How to collect all software patches that are hidden in the Windows Update server?
      • How to check the status of Windows Update Server (WSUS/SCCM)?
      • How to collect BIOS information such as serial number, version, manufacturer in Windows systems?
      • How to collect and investigate disk information on Windows systems?
      • How to investigate disks running out of space (<100 MB) in Windows systems?
      • How to collect operating systems information in Windows?
      • How to investigate total RAM or CPU threshold (greater than or equal to 80%) in Windows systems?
      • How to list all Groups in Windows systems?
      • How to collect all services that are currently running in Windows systems?
      • How to list all Administrator accounts on Windows systems?
      • How to list all guest accounts in Windows systems?
      • How to list all inactive users on Windows systems?
      • How to list last-logon details of users on Windows systems?
      • How to identify all users in Windows systems?
      • How to check if Bit-locker protection is OFF in Windows systems?
      • How to collect all keyboard and pointing devices connected to Windows systems?
      • How to collect all storage devices connected to Windows systems?
      • How to check account lockout policy on Windows systems?
      • How to check for Anti-Virus (AV) status in Windows systems?
      • How to check status of DEP in Windows systems?
      • How to check faulty Anti-Virus (AV) status in Windows systems?
      • How to check password policy set in Windows systems?
      • How to collect all security events from Windows Events Log?
      • How to start and stop the processes in Saner?
      • How to block blacklisted applications in Saner?
      • How to enable/disable devices in Saner
      • How to manually import devices into Saner?
      • How to deploy software in Saner EM?
      • How to enable and disable firewall settings in Saner AE?
      • How to collect all shared resources on Windows systems?
      • How to collect all Dynamic Host Configuration Protocol (DHCP) information on Windows systems?
      • How to connect to a client machine graphically using Saner Remote Access
  • FAQs
    • Saner CVEM Technical FAQs

Security Intelligence

  • Overview of Security Content and Intelligence
  • Security Content Statistics
  • Application and OS Remediation Coverage
  • Compliance Benchmark Coverage
  • List of Vulnerability to Exploit/Malware Mapping covered in Saner
  • OVAL Definitions Family-wise Distribution
  • OVAL Definitions Class-wise Distribution
  • OVAL Definitions Platform Coverage
View Categories
  • Home
  • Docs
  • Saner CVEM
  • Saner CVEM Products
  • Saner CVEM Endpoint Management User Guide

Saner CVEM Endpoint Management User Guide

Print Friendly, PDF & Email

The Saner Endpoint Management tool provides total visibility over the managed endpoints. Built-in actions help to keep the endpoints compliant with regulations and up to date with software and hardware patches. You can use queries to check the health of the endpoints. Automated actions enable you to debug and resolve issues and control the deployment or uninstallation of applications and service packs.

Automated actions enable you to debug and resolve issues and control the deployment or uninstallation of applications and service packs.

To access the Endpoint Management tool:

  1. Log in to the Saner account with credentials.
  2. Suppose an account already exists and the Saner Agent has been deployed on the endpoints; the organization level dashboard is displayed.
  • To select an account, click All Organizations on the top left corner of the dashboard. All Organization section lists all the organizations. You can see the list of organizations as Org1, Org2, and Org3, as shown below. Select the account, and a dashboard with the summary view of the account is displayed.
  • Click the Saner tools on the header. It will display all the provision tools, as shown below.
  • Click the Endpoint Management icon. The Endpoint Management dashboard is displayed, which shows at a glance the total number of devices on the network with a breakdown by OS, the number of devices with the Saner Agent running, and the number of currently active devices.

Newly Added Devices

This page shows the list of devices that have been recently added to the network, based on the date and time. You can search the devices based on the hostname, group, date, and time. You can download the excel sheet that lists newly added devices by clicking on the CSV icon. You can choose to view devices newly added seven days, 15 days, or 30 days back.

Not Scanned Devices

This page shows the list of devices on the network that have not been scanned for 24 hours or longer based on the date and time. You can choose to view devices not scanned for over one day, three days, or five days and then troubleshoot why the device is not being scanned. You can download the excel sheet that lists not scanned devices by clicking on the CSV icon. You can search the devices based on the hostname, group, date, and time.

Devices Based on Groups

This Page shows devices based on default (classified by OS) and user-created groups. Clicking a segment on the chart shows the number of devices in the group. You can download the excel sheet that lists newly added devices by clicking on the CSV icon.

Devices Based on OS

This page shows the number of devices in each OS group. You can download the excel sheet that lists devices distributed based on OS by clicking on the CSV icon.

All Devices

This page shows all devices on the network and details for each device, such as operating system, memory, processor, group, IP address, etc. You can search for a particular device or filter this list by groups or OS. If you want to download all details for all endpoints on the network, click the CSV icon.

Actions and Checks

Checks are predefined queries for the most routine probes that the IT Security team may want to execute regularly. They provide a way to save time and make it simpler and faster to do repetitive checks. Actions are predefined responses to remediate the results of the checks. For detailed information, click on the arrow.

Checks

Click on the Checks option at the top of the right corner or click on the arrow on the Checks Page.  You can select the OS and the type or category of checks from the drop-down to display a set of relevant queries. For example, you may wish to check if a user has installed a torrent on their system. A list of available checks is given below.

Some of the extremely important or routine checks are displayed at the top of the Checks page.

  • Network Segments – Checks for the different network segments and lists the number of devices on each segment and the device details.
  • Endpoint Protection Software – Checks if antivirus protection is running on devices and shows a distribution of the different types of protection on devices, how many devices are protected, how many devices are at risk, and the system health of individual devices.
  • Sensitive Data Detection – Checks if the user has stored credit card or social security numbers as a text file. Running this check may take a long time as the query has to go through the entire data on the disk. This could be a time-intensive check depending on how much data a user has.
  • System Health – Checks for the total RAM, free RAM, used RAM, CPU usage, free disk space, etc. For instance, having very little disk space is a system health issue. Click Update real-time data for the latest system health information. Specify how many times you want the query to be executed, at what time intervals, and for which devices. This helps you monitor the system health of devices for a specific reason, such as unnatural system behaviour that may indicate an attack in progress.
  • Tools – Several tools are available, such as checking for files larger than 1GB on devices. You can modify or update the queries to refine your search further. These tools may impact resources, so they must be used after you achieve clarity on the scope.

Note: Some of these checks below may apply only to Windows Systems.

  • Application Management Checks:
    • Applications with Unknown Publisher – Lists all applications that have no known publisher.
    • Potentially Unwanted Programs – Identifies potentially unwanted programs such as torrent downloaders or unnecessary toolbars running on Windows systems.
    • Start-up Applications – Lists the applications started when you boot your computer.
    • Software Licenses – Collect all software license information.
  • Network Management Checks
    • Wireless Security – Checks wireless security on devices.
    • ARP Cache – Collects ARP entries created when a hostname is resolved to an IP address and then to a MAC address, so the computer can effectively 7communicate.
    • DNS – The Domain Name System (DNS) translates Internet domain and hostnames to IP addresses and vice versa. Collects the DNS information on devices.
    • Wireless Signal Quality – Checks wireless signal quality on devices.
    • DNS Cache – Investigates the DNS cache on systems.
    • Open Ports – Collects all available port information on devices.
    • Network Interfaces – Collects all network interface information from devices.
    • Firewall Policies – Checks all firewall policies on systems.
    • DHCP – Collects all Dynamic Host Configuration Protocol (DHCP) information on systems.
  • Patch Management Checks
    • WSUS-SCCM Status – Checks the status of the Windows Update Server (WSUS/SCCM).
    • Updates Marked Hidden – Lists all software patches hidden in the Windows Updates server.
    • Installed Patches – Lists all installed patches on systems.
    • Important Missing Patches – Lists all critical missing patches on systems.
  • Computer Information Checks
    • Disk – Windows. Description Collect and investigate disk information on Windows systems.
    • Scheduled Programs – Windows. Description Collect all scheduled programs set in Windows systems.
    • Windows System Metric – Retrieve the specified system metric or system configuration setting on Windows systems.
    • Volumes – Collect all volume information on systems.
    • Operating Systems Information – Collects operating systems information.
    • RAM or CPU Usage – Investigates total RAM or CPU usage on systems.
    • RAM or CPU Threshold – Investigates total RAM or CPU threshold (greater than or equal to 80%) on systems.
    • System Up-time More than seven days – Checks for systems up and running for seven days.
    • Run Command History – Checks the run command history on systems.
    • Disk Space less than 100MB – Investigates disks running out of space (<100 MB) on systems.
    • Active Directory Details – Checks all active directory details on systems.
    • BIOS – Collects BIOS information such as serial number, version, and system manufacturer.
  • Process Management Checks
    • Current Processes – Identifies all current processes running on systems.
  • Device Management Checks
    • Keyboard and Pointing Devices – Collects all keyboard and pointing devices connected to systems.
    • Bit-locker Status – Checks if Bit-locker protection is OFF on systems.
    • USB Mass Storage Devices – Lists all USB mass storage devices connected to systems.
    • Storage Devices Connected – Lists all storage devices connected to systems.
  • System Security Checks
    • Shared Resources – Lists all shared resources on systems.
    • Antivirus Information – Checks for Anti-Virus (AV) status on systems. It is required to keep AV up-to-date and running.
    • Data Execution Prevention Status – Data Execution Prevention or DEP is a security feature that can help protect your computer by monitoring programs to use system memory safely.
    • Faulty Anti-Virus Status – Checks for faulty Anti-Virus(AV) system status. It is required to keep AV up-to-date and running.
    • User Access Control UAC – Checks the User Access Control (UAC) level on systems found under registry HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System.
    • Account Lockout Policy – Checks the account lockout policy on systems.
    • Password Policy – Checks the password policy set on systems.
    • System Events – Collects all system events that may require your attention from the Events Log.
    • Security Events – Collects all security events that may require your attention from the Events Log.
  • Service Management Checks
    • Deviation in Co-existing Services – Checks for only one primary function per server to prevent functions that require different security levels from co-existing on the same server. For example, web
    • Running Services – Collect all services that are currently running on systems.
  • User Management Checks
    • Auto-logon Enabled Users – Checks if Auto-login is enabled on systems.
    • Last-logon Users – Lists the last-logon details of users on systems.
    • Administrator Accounts – List all Administrator accounts on systems.
    • Groups – List all the Groups on systems.
    • System Users Identification – Identifies all users on systems.
    • Inactive Users – Lists all inactive users on systems.
    • Guest Accounts – Lists all Guest accounts on systems.

Actions

Click the arrow icon from the Actions Page or click the Actions option at the top of the right corner of the EM dashboard. Actions are predefined responses to remediate the results of the checks. For example, suppose a predefined check has detected that a user is using uTorrent, a blacklisted application. You can run the Application and Device Control Response to block the torrent application or run the Software Deployment Response to uninstall the application.

The predefined actions are listed on the Actions page. You can choose to enforce some of the actions as an organization rule, for example, blocking a USB mass storage device. You can also customize the response to run at specified intervals as many times as required.

Following is the list of predefined actions:

  • Application and Device Control – Block or unblock applications and enable or disable devices.
  • Tune-Up– Clean up the system or the registry to improve the performance of devices.
  • Software Deployment – Install or uninstall applications or install patches. Check out the software deployment technical document for more information.
  • Process – Unblock or start required processes or block or stop unwanted processes running on devices to prevent attacks.
  • Registry – Add, modify, or delete registry keys.
  • Service – Start, restart, stop, or remove services.
  • Network – Block or unblock domains, flush ARP entries, set a static IP address, etc.
  • System – Reboot systems after patch or application installation, or shutdown systems that are being attacked by malware to prevent the spread of the vector or protect the device, set the hostname, mount file systems, etc.
  • File – Delete infected files, or quarantine them if you cannot delete them.
  • Start-up Programs – Specify programs that you want to automatically start during a system reboot or as scheduled, for example, when the application has finished executing a task, or remove programs from the start-up.
  • Security – Disable or enable firewalls.

Remote Access

Saner Remote Access is an easy-to-use, highly secure, on-demand remote support tool in Saner Endpoint Management (EM) that helps IT administrators resolve end-user issues remotely. Using Remote Access, you can assist users using Windows, macOS, and Linux devices without installing additional software.

Features of Saner Remote Access

Graphical and CLI Support: Saner Remote Access lets you connect to a device’s graphical and command-line interfaces. While initiating a remote support session, the IT administrator can choose which interface they want to connect to the device.

Built-in User Approval: Saner Remote Access has a built-in user approval feature that asks for user consent before starting the remote session. Similarly, the end user can terminate the session at will once the remote session is established.

Auto-connect with End-user: Saner Remote Access allows IT administrators to auto-connect with end users in the future to help them fix issues if the end-user has opted in for it.

Share Files with End-user and vice versa: Saner Remote Access allows you to share files with the end users remotely. At the same time, the end users can also share files with the IT technician remotely.

Unattended Remote Access: Using Saner Remote Access, IT administrators can set up unattended remote access on server-class devices. This allows them to launch a remote command prompt or terminal window and work on these devices anytime.

To learn more about Saner Remote Access, click here.

Detection Summary

This page shows the list of all checks that have been executed and corresponding devices. Only checks with results are displayed. Yo

u can download the excel sheet that lists queries with the risk details by clicking on the CSV icon. Click on the expand icon to get more information about the predefined checks.

Response Summary

This page shows the list of all responses that ran to remediate the results from checks, the response status, the type of response, and the date and time of execution.

Click the Expand icon to view details of individual response actions. The Actions Status provides Status View and Creation View. Status View provides information on the Host Name and the Overall Status. Click on the plus icon to get the full details about the action. The Creation View shows the type, creation date, action, hostname, values, and the scheduled details of the action.

Setting Alerts for Endpoint Management

The Alerts feature is used to monitor the health of your endpoints or to view newly added endpoints.

To Set Alerts for Endpoint Management

  1. Click Alerts > Endpoint Management.
    1. Set the Subscription status to On.
    2. Specify the email address to which you want the alerts sent.
    3. Specify the conditions for which you want the alerts sent:
  2. Query – You can choose to receive alerts for all queries executed on the endpoints or for custom queries. If you select the custom option, you must specify the condition.
  3. Device – You can choose to receive alerts for Inactive devices or when devices are added to the network.
  4. Response fields – You can choose to receive alerts when actions on endpoints pass, fail, or for a custom condition.
    1. Click on the Update button to complete.

Endpoint Reports

Endpoint Reports provide a comprehensive view of the devices on the network, newly added devices, unscanned devices, groups and types of devices, details of each device, and the status of the jobs for each device.

To Generate the Endpoint Management Report

To export the report to a PDF

To export the report and send it via email

To Back Up Reports

The backup settings under Reports allow IT, administrators, to obtain a backup report showing the history. The backup time should be scheduled. The backup report can be scheduled to run automatically daily or weekly.

  1. Select the Settings icon at the endpoint management report from the Saved Reports section.
  • Click the Omit filter statement in the exported report check box, and users can set the on/off button whether they want to back up the report.
  • Select the weekly or daily option to back up the reports if the backup is ON.
  • Set a number in the Keep only the latest entry box. The report for the specified number of days is archived. If the number is three and the backup option is daily, then the reports from the last three days are maintained. Older files are deleted. You can maintain backups for a maximum of 30 days.
  • Specify the Email ID address.
  • Select the organization and accounts you want to apply these settings.
  • Click on the Save button.
Share This Article :
  • X
  • LinkedIn
Still stuck? How can we help?

Saner Documentation Feedback

Saner CVEM Patch Management User GuideSaner CVEM Remote Access User Guide
Table of Contents
  • Newly Added Devices
  • Not Scanned Devices
  • Devices Based on Groups
  • Devices Based on OS
  • All Devices
  • Actions and Checks
  • Checks
  • Actions
    • Remote Access
      • Features of Saner Remote Access
  • Detection Summary
  • Response Summary
  • Setting Alerts for Endpoint Management
  • Endpoint Reports
  • To Back Up Reports
Copyright 2025 - SecPod. All Rights Reserved. Privacy Policy.
SanerNow Version 6.3.x