1.4 How Does the UNIX Agent Work?

The UNIX agent can collect security compliance information from one or more endpoints in one or many domains. The UNIX agent receives requests from Secure Configuration Manager Core Services and runs commands or responds by returning data, status, or results. The UNIX agent runs locally on computers throughout your enterprise.

When you install a UNIX agent, you can add the computer on which the agent resides to the Secure Configuration Manager asset map. Secure Configuration Manager registers the new UNIX agent and assigns an endpoint to the agent representing the operating system of the agent computer. As you add more systems and endpoints to the asset map, you can designate the endpoint type. A single UNIX agent can monitor multiple types of endpoints. For more information about discovering and adding endpoints to your managed systems in the asset map, see the User Guide for NetIQ Secure Configuration Manager.

Each UNIX agent sends regular communication, called a heartbeat, to Secure Configuration Manager to verify operation. When the agent receives a heartbeat request, the agent polls its monitored endpoints to verify their statuses and then responds to Secure Configuration Manager. The UNIX agent also responds to requests for data sent from Core Services in the form of security checks and policy templates. Policy templates are groups of security checks that audit a specific series of IT controls that match a security policy standard. The agent translates the security checks into queries that it forwards to its monitored endpoints. Upon receiving responses to the queries, the agent reports the results to Secure Configuration Manager. For more information about Secure Configuration Manager, see the User Guide for NetIQ Secure Configuration Manager.

The two key processes used by the UNIX agent are:

  • VigilEntAgent: The process that the UNIX agent uses to run security checks and perform baselining.

  • uvserv: The process that the Secure Configuration Manager Core Services database and the Log Management database use to connect to the UNIX agent. Each connection spawns a uvservd process that either performs the operation or sends a request to the VigilEntAgent process to perform the operation. The connection stays open until the requesting database receives the data.
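A quick host-side check for the two processes listed above, given as an added example that is not part of the NetIQ documentation. It assumes `ps` output in "PID PPID COMMAND" columns and that the process names appear in the command column as spelled on this page; the function name `agent_process_report` and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise the UNIX agent processes from `ps` output.
# Assumed input: one process per line as "PID PPID COMMAND", for example from
#   ps -e -o pid= -o ppid= -o comm=

# Constructed sample, not captured from a real host.
SAMPLE_PS='  812     1 VigilEntAgent
  830     1 uvserv
 2291   830 uvservd
 2305   830 uvservd
 4410     1 sshd'

# agent_process_report (hypothetical helper): reads ps lines on stdin and
# prints a one-line summary. Returns 0 only when both VigilEntAgent and
# uvserv are present, so it can drive a monitoring alert.
agent_process_report() {
    awk '
        # Use the basename in case the command column holds a full path.
        { n = split($3, part, "/"); name = part[n] }
        name == "VigilEntAgent" { agent++ }
        name == "uvserv"        { listener++ }
        # Per the text above, each open connection has its own uvservd.
        name == "uvservd"       { conns++ }
        END {
            printf "VigilEntAgent=%d uvserv=%d uvservd_connections=%d\n",
                   agent + 0, listener + 0, conns + 0
            exit !(agent > 0 && listener > 0)
        }'
}

# Run against the constructed sample. On a live host, replace the printf with:
#   ps -e -o pid= -o ppid= -o comm= | agent_process_report
printf '%s\n' "$SAMPLE_PS" | agent_process_report
```

A non-zero exit status means a check or baseline request from Core Services cannot be served on that host; the `uvservd_connections` count shows how many database connections are currently open.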