Security Center Enterprise provides the asset fingerprints feature. This feature can automatically collect asset fingerprints at specific intervals and enable you to manually collect asset fingerprints. This topic describes how to collect asset fingerprints.

Background information

After you purchase Security Center Enterprise, Security Center Enterprise does not automatically collect asset fingerprints. You can use either the automatic or manual collection tasks to collect the latest fingerprints of specific assets.

You can select one of the following collection methods:

  • Automate periodic collection tasks: You can configure the collection frequency for listener ports, software, processes, accounts, scheduled tasks, and middleware to automate collection tasks that periodically run.
  • Collect the fingerprints of all assets with a few clicks: You can manually collect the latest fingerprints of all assets. On the Asset Fingerprints page, click Collect the latest data to manually run tasks to collect the latest fingerprints of all assets.
  • Collect the fingerprints of a specific asset with a few clicks: You can manually run tasks to collect the fingerprints of an asset. On the Assets page, click a specific server name. On the details page of the server, click Asset Fingerprints. On the page that appears, you can manually run a collection task.
Note
  • If you are a first-time user of the asset fingerprints feature, we recommend that you configure the collection frequency for different assets to automate collection tasks. The automatic collection tasks collect the fingerprints of all assets.
  • Collection tasks consume a small amount of CPU or memory resources of your server. Therefore, your business is not affected.
  • The asset fingerprints feature is available only in Security Center Enterprise. If your Security Center runs another edition, you must upgrade your Security Center to the Enterprise edition before you can use this feature. For more information, see Upgrade and downgrade Security Center.

Automate periodic collection tasks

Security Center automatically collects the fingerprints of all your assets, which include ports, software, processes, accounts, scheduled tasks, and middleware. After you configure automatic collection, you can view the latest fingerprints that are collected at a specific time range on the Asset Fingerprints page in the Security Center console.

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Investigation > Asset Fingerprints.
  3. On the Asset Fingerprints page, click Settings in the upper-right corner.
  4. In the Settings dialog box, configure the collection frequency for each asset type.
    Asset type Frequency
    Port Valid values:
    • Disable: This is the default value. If you set this value to Disable, Security Center does not automatically collect the latest fingerprints.
    • Collected once an hour
    • Collected once every 3 hours
    • Collected once every 12 hours
    • Collected once a day
    • Collected once every 7 days
    Note
    • By default, the collection frequencies of all assets are Disable. You can configure different collection frequencies for the assets.
    • If you use the asset exposure analysis feature, you can set Middleware to Collected once an hour, Collected once every 3 hours, Collected once every 12 hours, or Collected once a day. You cannot set the Middleware parameter to Disable or Collected once every 7 days.
    Processes
    Account
    Software
    Scheduled Tasks
    Middleware
    After the collection frequencies are configured, Security Center automatically runs collection tasks based on the collection frequencies. The latest fingerprints are collected and displayed on the Asset Fingerprints page.
  5. Click OK.

Collect the fingerprints of all assets with a few clicks

If you want to view the latest fingerprints of all assets, you can perform the following steps:

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Investigation > Asset Fingerprints.
  3. Click Collect the latest data.
  4. In the Collect the latest data dialog box, select the assets whose fingerprints you want to collect.
  5. Click OK.
    It requires about 1 to 5 minutes to collect the fingerprints.

Collect the fingerprints of a specific asset with a few clicks

If you want to view the latest fingerprints of a specific server, you can find the server on the Assets page, navigate to the Asset Fingerprints tab of the server, and run a manual collection task. The task collects fingerprints of ports, processes, and software.

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, click Assets.
  3. On the Assets page, click the Server(s) tab.
  4. On the Server(s) tab, click the name of the server whose fingerprints you want to collect. Server(s) tab of the Assets page
  5. On the asset details page, click Asset Fingerprints.
  6. Click Collect data now above the fingerprint list in the upper-right corner of the page.
  7. In the Collect data message, click OK.

What to do next

After the collection task is started, you can go to the Asset Fingerprints page and click the specific tab to view the latest fingerprints. For more information, see View asset fingerprints.