Schedule Deep Security to perform tasks
Deep Security has many tasks that you might want to perform automatically on a regular basis. Scheduled tasks are useful when deploying Deep Security in your environment and also later, to keep your system up to date and functioning smoothly. They are especially useful for running scans on a regular basis during off-peak hours.
You can automate scheduled task creation and configuration using the Deep Security API. For examples, see the Maintain Protection Using Scheduled Tasks guide in the Deep Security Automation Center.
Create scheduled tasks
To set up a scheduled task in the Deep Security Manager, click Administration > Scheduled Tasks > New. This opens the "New Scheduled Task Wizard", which takes you through the steps to create a scheduled task.
Deep Security as a Service performs some tasks (for example, backup and checking for software updates) automatically.
Check for Security Updates: Regularly check for security updates and import them into Deep Security when they are available. For most organizations, performing this task once daily is ideal.
With Deep Security 11.0 Update 2 or later, the "Check for Security Updates" task ignores offline hosts that have been uncommunicative for 30 days or more.
Generate and Send Report: Automatically generate reports and optionally have them emailed to a list of users.
Scan Computers for Integrity Changes: Causes the Deep Security Manager to perform an Integrity Scan to compare a computer's current state against its baseline.
Scan computers for Malware: Schedules a Malware Scan. The configuration of the scan is specified on the Policy or Computer Editor > Anti-Malware page for each computer. For most organizations, performing this task once weekly (or according to your organization’s policies) is ideal. When you configure this task, you can specify a timeout value for the scan. The timeout option is available for daily, weekly, monthly, and once-only scans. It is not available for hourly scans. When a scheduled malware scan is running and the timeout limit has been reached, any tasks that are currently running or pending are canceled.
When a Scan Computers for Malware task times out, the next scheduled scan starts over from the beginning (it does not start where the previous scan ended). The goal is to perform a complete scan, so consider making some configuration changes if your scans regularly reach the timeout limit. You can change the malware scan configuration to add some exceptions, or extend the timeout period.
Scan Computers for Recommendations: Causes the Deep Security Manager to scan the computer(s) for common applications and then make recommendations based on what is detected. Performing regular recommendation scans ensures that your computers are protected by the latest relevant rule sets and that those that are no longer required are removed. If you have set the "Automatically implement Recommendations" option for each of the three protection modules that support it, Deep Security will assign and unassign rules that are required. If rules are identified that require special attention, an alert will be raised to notify you. For most organizations, performing this task once a week is ideal.
Send Outstanding Alert Summary: Generate an email listing all outstanding (unresolved) alerts.
Send Policy: Regularly check for and send updated policies. Scheduled updates allow you to follow an existing change control process. Scheduled tasks can be set to update machines during maintenance windows, off hours, etc.
Synchronize Cloud Account: Synchronize the Computers list with an added cloud account. (only available if you have added a cloud account to the Deep Security Manager.)
Enable or disable a scheduled task
Existing scheduled tasks can be enabled or disabled. For example, you might want to temporarily disable a scheduled task while you perform certain administrative duties during which you don't want any activity to occur. The control to enable or disable a scheduled task is on the General tab of the Task's Properties window.
Set up recurring reports
Recurring Reports are simply scheduled tasks that periodically generate and distribute reports to users and contacts. Most of the options are identical to those for single reports, with the exception of the time filter.