System Integrity
  • 26 Dec 2024
  • 2 Minutes to read
  • Dark
    Light
  • PDF

System Integrity

  • Dark
    Light
  • PDF

Article summary

About this Article
This article provides information related to the System Integrity widgets


System Integrity widgets provide the Trust Scores report and trend for the files on all the Workloads/Probes discovered in the topology. Once the initial scan of the executables on the nodes is complete, Trust Engine Blades calculate the Trust Scores for every discovered executable.


  1. Navigate to TrustSight > System Integrity in the CMS left navigation pane
  2. Select the required node element on the widget and click Submit to view their System Integrity information
  3. A few of the options available for each widget are described below:
    1. Filter, Drilldown, Show Underlying Data and Show IQ Data options are available for each segment in the statistics
    2. Download - The displayed statistics can be downloaded in different formats - PNG, XLSX, CSV
  4. For reference, the legend is provided with Trust Score level and its corresponding range
    1. Any unknown files with a Trust Score of 0 indicates that the Trust Sight is procuring the score. Once the score is calculated, the information is updated automatically
  5. The average Workload Trust Score is also provided to project the average health of the topology

SystemIntegrityWidgets3


System Integrity Report

 
Version 3.1.1 and Above:


  1. The System Integrity Report widget provides the statistics of the trust scores of all the discovered non-packaged files
  2. The levels range from Full Trust(Trust score: 100) to Unknown(Trust score: 0). Based on the individual scores, the average score is calculated. Here are the various Trust Levels:
    Trust LevelTrust Score Range
    Full Trust100
    Elevated Trust76-99
    High Trust51-75
    Medium Trust26-50
    Low Trust1-25
    Unknown0
  3. For any trust level, the user can drill-down, filter or analyse the underlying information to get a better understanding of the reasons for that Trust Score being assigned to the files
  4. After the initial audit period (where Trust Blade Engines determine Trust Scores of all the discovered files), the customer needs to analyse the unknown files. They can either:
    1. Authorize the safe files that can execute on the workloads in CMS by adding them to the allowlist OR
    2. Remove the files from the workload if they are malicious/suspicious
  5. Standard actions for each widget are available

SystemIntegrityWidgets

Version 3.1.0:


  1. The System Integrity Score widget provides the statistics of the trust scores of all the discovered executables
  2. The levels range from Full Trust(Trust score: 100) to Unknown(Trust score: 0). Based on the individual scores, the average score is calculated
  3. Standard actions for each widget are available

SystemIntegrityWidgets


Non-Packaged Files

[Version 3.1.1 and Above]

  1. Non-Packaged Files provides the statistics of the trust scores of all the discovered non-packaged files
  2. Standard actions for each widget are available

SystemIntegrityWidgets3

Trust Score Trend

 
Version 3.1.1 and Above:


  1. The System Integrity Trend widget provides an understanding of how the Trust Score varies over a specific period of time
    1. During the initial audit period (where Trust Blade Engines determine Trust Scores of all the discovered files), we see an upward trend
    2. Whenever there is a dip (due to new workload addition or new package installation), users can drill-down to view more information or view the underlying data and analyse the reasons for the dip
  2. Standard actions for each widget are available

SystemIntegrityWidgets2

Version 3.1.0:


  1. The System Integrity Trend widget provides the Trust Score Trend for a specific interval of time
  2. Standard actions for each widget are available

SystemIntegrityWidgets2



Was this article helpful?