4.2 Understanding How Agents Identify Data to Collect

Secure Configuration Manager provides security management functions from a central location, with distributed agents collecting data from endpoints. Agents store collected endpoint data in a data structure called the namespace, which represents a collection of unique related objects and their attributes. An object is the logical representation of security data collected by agents and stored in the namespace. Attributes describe the qualities of each object. For example, Secure Configuration Manager has separate namespaces for Microsoft SQL Server and UNIX because these providers support different objects and attributes.

Objects typically have several attributes, stored as a name-value pair such as computer_name:comp5. For example, the Windows agent can gather data from its host computer about the Windows_Workstation object, with the attributes Computer Name, IP Address, Operating System (OS), and Currently Logged On Users. Similarly, a UNIX agent has an object called Unix_Host with attributes IP Address, Operating System, and OS Version.

Each agent has a uniquely defined set of objects and attributes. Built-in security checks access this data automatically. You can also query the namespace yourself by creating custom security checks. In a custom check, you identify the object you want to query, and then specify the values you expect to find for the attributes associated with that object.

Some object types can have many different instances in a given namespace. For example, while there is one Unix_Host object per UNIX endpoint, there are many instances of the Unix_File object. Security checks allow you to filter out unimportant instances of many of these objects, so you can highlight the instances most likely to be sources of vulnerabilities. For example, a security check can evaluate the Windows_RegistryKey objects, filtering out everything except specific registry keys known to be created by viruses. For more information, see Custom Security Check Examples.
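The following is an added illustration of the namespace model described above, not code from Secure Configuration Manager or its check language: a constructed UNIX namespace holding one Unix_Host and several Unix_File instances as name-value attribute pairs, a query step that filters out unimportant instances, and a custom check that compares the retained instances against expected attribute values. The object names follow the text; the attribute names for Unix_File (Path, Owner, Permissions) and all sample values are assumptions.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple


@dataclass
class NamespaceObject:
    """One object instance: its type plus its attributes as name-value pairs."""
    object_type: str
    attributes: Dict[str, str]


# Constructed sample namespace for a single UNIX endpoint (not real collected data).
UNIX_NAMESPACE: List[NamespaceObject] = [
    NamespaceObject("Unix_Host", {"IP Address": "10.0.0.5", "Operating System": "Linux", "OS Version": "5.10"}),
    NamespaceObject("Unix_File", {"Path": "/etc/passwd", "Owner": "root", "Permissions": "644"}),
    NamespaceObject("Unix_File", {"Path": "/etc/shadow", "Owner": "backup", "Permissions": "640"}),
    NamespaceObject("Unix_File", {"Path": "/home/alice/notes.txt", "Owner": "alice", "Permissions": "666"}),
]

InstanceFilter = Callable[[Dict[str, str]], bool]
Finding = Tuple[Optional[str], str, Optional[str], str]


def query(namespace: List[NamespaceObject], object_type: str,
          instance_filter: Optional[InstanceFilter] = None) -> List[NamespaceObject]:
    """Select instances of one object type, dropping any the filter rejects."""
    return [obj for obj in namespace
            if obj.object_type == object_type
            and (instance_filter is None or instance_filter(obj.attributes))]


def evaluate_check(namespace: List[NamespaceObject], object_type: str, expected: Dict[str, str],
                   instance_filter: Optional[InstanceFilter] = None, label: str = "Path") -> List[Finding]:
    """Compare each retained instance against the expected attribute values.
    Returns one (instance label, attribute, actual, expected) tuple per mismatch."""
    findings: List[Finding] = []
    for obj in query(namespace, object_type, instance_filter):
        for attr, want in expected.items():
            got = obj.attributes.get(attr)
            if got != want:
                findings.append((obj.attributes.get(label), attr, got, want))
    return findings


def etc_files_owned_by_root(namespace: List[NamespaceObject]) -> List[Finding]:
    """Custom check: Unix_File instances under /etc must be owned by root; other paths are filtered out."""
    return evaluate_check(namespace, "Unix_File", {"Owner": "root"},
                          instance_filter=lambda attrs: attrs["Path"].startswith("/etc/"))


if __name__ == "__main__":
    for finding in etc_files_owned_by_root(UNIX_NAMESPACE):
        print(finding)  # ('/etc/shadow', 'Owner', 'backup', 'root')
```

The file under /home fails the Owner test too, but the filter removes it before evaluation, so only the /etc instance is reported.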