Security Checkup

Version 3.05 for R77.20

Administration Guide

September 17, 2014

Classification: [Protected]

 2014 Check Point Software Technologies Ltd.

All rights reserved. This product and related documentation are protected by copyright and distributed under
licensing restricting their use, copying, distribution, and decompilation. No part of this product or related
documentation may be reproduced in any form or by any means without prior written authorization of Check
Point. While every precaution has been taken in the preparation of this book, Check Point assumes no
responsibility for errors or omissions. This publication and features described herein are subject to change
without notice.
RESTRICTED RIGHTS LEGEND:
Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph
(c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 and FAR
52.227-19.
TRADEMARKS:
Refer to the Copyright page (http://www.checkpoint.com/copyright.html) for a list of our trademarks.
Refer to the Third Party copyright notices (http://www.checkpoint.com/3rd_party_copyright.html) for a list of
relevant copyrights and third-party licenses.

Important Information
Latest Software
We recommend that you install the most recent software release to stay up-to-date with the latest functional
improvements, stability fixes, security enhancements and protection against new and evolving attacks.

Additional Information
For additional technical information, visit the Check Point PartnerMAP.

Revision History
Date

Description

September 2014

Security Checkup R77.20 Ver3.05 to be installed on top of

R77.20 version.

December 1, 2014

Revision added to the used guide, known issues section.

Contents
Important Information .............................................................................................3
Introduction .............................................................................................................5
Benefits ............................................................................................................... 5
What's New ......................................................................................................... 6
Installation ........................................................................................................... 8
Activation ............................................................................................................. 8
System Requirements ......................................................................................... 9
Installing SmartConsole ....................................................................................... 9
Installing Server Supplement ..............................................................................10
Upgrading ...........................................................................................................10
Getting Started ...................................................................................................11
Customizing Reports ............................................................................................13
Customizing Time Period of Report ....................................................................13
Creating New Reports ........................................................................................13
Adding Queries to Reports .................................................................................14
Editing Queries ...................................................................................................15
Editing Generated Tables and Graphs................................................................16
Editing Generated Reports .................................................................................16
Changing the Report Template ...........................................................................16
Offline Reports ......................................................................................................18
CPLogLogSender Utility .......................................................................................20
Securing Reports ..................................................................................................21
Known Issues........................................................................................................21
Cant log in to SmartEvent after installing the supplement ..............................21
Generating Reports with SmartEvent Intro .....................................................22
Generating Reports while SmartEvent Machine is Under Load ......................22
Microsoft .NET Framework ............................................................................23
Compliance Security Analysis Report.................................................................24
Introduction ....................................................................................................24
Key Benefits ..................................................................................................24
System Requirements....................................................................................24
Generating Compliance report .......................................................................25
Endpoint Security Analysis Report .....................................................................28
Introduction ....................................................................................................28
Key Benefits ..................................................................................................28
System Requirements....................................................................................28
Installation .....................................................................................................28
Troubleshooting .............................................................................................28
Generating a report ........................................................................................29
Exporting the report .......................................................................................29

Benefits

Introduction
Check Point Security Checkup takes Check
Point PoCs into the next level. The tool
generates a comprehensive threat analysis
report. It automatically integrates security
events from different Software Blades:
Application Control, URL Filtering, IPS, AntiVirus, Anti-Bot, DLP, Threat Emulation and
Compliance. The analysis report is created
automatically on a Check Point Microsoft
Word document report template.
The Security Checkup tool accentuates Check
Point added value, exposing new security
risks and suggesting remediation. When a
Check Point Security Gateway runs for a
while in a PoC environment, inline or Mirror
Port, we expect logs and security events to be
generated for the active Software Blades. The
report gives a comprehensive security
analysis that summarizes security events,
their risks, and their remediation.
This tool offers several out-of-the-box
recommended reports. You can customize
your own reports. You can add and remove
queries. You can create your own Word
template.

Benefits

Shows the value of Check Points security strategy

and the benefits provided by the Software Defined
Protection Architecture.

Visualizes incidents that happen in customer

networks, and gives practical recommendations

Empowers you with knowledge of new security

risks, and improves network security

Gives an executive summary for discussion with

management

Gives detailed results for in-depth discussions with

technical points of contact

Out-of-the-box reports speed information delivery

and accelerate the sales processes

Supports customization for specialized reports

focused on customer challenges

Introduction

Page 5

What's New

What's New
Ver R77.20 3.05

Automatic version verifier- verifies that the installed SmartConsole and server supplement are
of the same Security Checkup version.
Virus section- new table added: received emails with links to malicious sites.
Additional improvements in Virus section.
Text updated in Endpoint sections.

Ver R77.20 1.02

Minor fixes and improvements

Ver R77.10 4.28

Minor fixes and improvements

Ver R77.10 3.25

Minor bug fixes and improvements

Ver R77.10 2.22

New branding: Security Checkup. New report and GUI design.

Additional several improvements and bug fixes

Ver R77.10 1.04

Bugs fixes

Ver R77 2.24

Minor bug fix

Ver R77 2.23

New: Compliance analysis (for existing Check Point customers).

Additional DLP analyses were added

Bug fixes

Ver R77 1.4

Introduction

Page 6

What's New

A new section for Endpoint security was added.

Ver R77

Threat Emulation Software Blade events added

Ver R76 2.17

Fixed bug SmartDashboard crash in Application Control tab

Ver R76 1.16

More granular report period (from <start date; time> to < end date; time>)

New report: DDoS Security Report

New utility: Endpoint Security Analysis Report

New DLP query: Files Sent Outside of the Organization (displaying file names)

Improvements in Bots and Viruses section

Improvements in DLP events description

Introduction

Page 7

Installation

Note: Security Checkup tool is only for Proof of Concept scenarios. It is run by Check Point authorized
personnel using a default SmartEvent configuration. Any other use is not supported.

Installation
This version of Security Checkup tool has its dedicated SmartConsole and supplement for the R77.20
SmartEvent Server.

Component

Package

SmartConsole

SmartConsole_990170005_1.exe

SmartEvent supplement

Security_Checkup_Supp_R77.20_Ver03.tgz
MD5: C821E63D480B0DCDCF9DB7ABA8788976

Activation
To activate Security Checkup tool:
1. Open the SmartEvent console.
2. From the top menu bar select, Launch Menu > View > Security Checkup

3. Close the SmartEvent console and then reopen it.

A Security Checkup icon will appear in SmartEvent overview page.

Introduction

Page 8

System Requirements

System Requirements
Component

Operating System

R77.20 Security Management Server with SmartEvent installed

SecurePlatform, Gaia

Microsoft Office 2010, full package, installed on computer with R77.20

SmartConsole (please note that all Office components must be installed).
Office 2003 is not supported.

Windows 7
(Windows 8 is not
supported)

Note - Reports are generated to a Microsoft Word document. Some of the data within the report is
Excel files embedded into the word document.

Installing SmartConsole
Install the Security Checkup tool SmartConsole on a Windows computer with MS Office 2010. Although it is
a special R77.20 SmartConsole, it works with any R77.20 Security Management Server.

To install the GUI of this tool:

1. Copy the SmartConsole file to the Windows computer.
2. Double-click the executable and follow the wizard.

Introduction

Page 9

Installing Server Supplement

Installing Server Supplement

Note: The Security Checkup supplement must be installed on SmartEvent server that is
configured with the default Overview. If any of the default Overview settings has been manually
modified then log in issues might occur after installing the Security Checkup supplement while
trying to connect with the GUI. For instructions on how to restore the default Overview settings
please see known issue section in this user guide.

Install the supplement on an existing R77.20 SmartEvent Server dedicated to PoCs. The supplement must
be installed on a clean SmartEvent server, meaning SmartEvent server with default event queries. When
you run the installation script, cpstop and cpstart are being run automatically. The tool can be installed on a
standalone deployment as well (where Security Gateway, Security Management and SmartEvent running on
the same machine).
Do not install this tool on a production environment.

To install this tool on a SecurePlatform or GAiA server:

1. SmartEvent supplement file is located in the tools package and named:
Security_Checkup_Supp_R77.20_ <ver>.tgz
2. Make a new directory on the SmartEvent Server, under /var, named install.
3. Copy the .tgz file to the server /var/install directory (copy the file in binary mode).
4. Verify that the file transferred correctly by comparing the files MD5:
a. Verify the MD5 by running md5sum *.* command
b. In the install directory on the server, run:
> tar xvzf Security_Checkup_Supp_R77.20_ <ver>.tgz
> chmod 777 security_checkup
> ./security_checkup
Note: Supplement installation performs cpstop and cpstart commands, during the installation
process you will be disconnected from SmartConsole and remote SSH connections.

Upgrading
To upgrade the SmartConsole of this tool from existing R77.20 SmartConsole, uninstall the existing version
and install the new version.
To upgrade the SmartEvent Server supplement, install this version. It automatically overwrites the older
version.

Introduction

Page 10

Getting Started

Getting Started
After you install the new SmartConsole, you have a new button on the SmartEvent console.

To generate a report:
5. Open SmartEvent.
6. Click Security Checkup

Introduction

Page 11

Getting Started

7. In the Report Generator View window, select a report.

NOTE: For information relating to the Compliance Security Analysis Report, see section on Compliance.
8. Click Generate Report.
The report can take several seconds to generate. It opens as a Word document in the background.

Predefined reports have these default sections:

Executive summary - Summarizes main results: number of events, brief list of critical and high
events that need special attention, and risks.

Findings - Focuses on the security events by Software Blade.

Remediation - Recommendations to solve the main security events.

Introduction

Page 12

Customizing Time Period of Report

Customizing Reports
The Security Checkup tool out-of-the-box reports are designed for PoCs, built on customer feedback. But if
you have unique requirements from a customer, you can fulfill the request with easy customizations.

Customizing Time Period of Report

The default period of time for a report is 30 days.

To change the report period:

1. In the Report Generator View window, click Edit.
2. In the Edit Report window, select the period from the Report Period list.
3. Click Save.

Creating New Reports

If the out-of-the-box reports do not have the required data, you can set up a new report.

To create a new report:

1. In the Report Generator View window, click New >

Report - Create a new report.

Clone Selected Report - Create a new report based on template and queries of the selected report.

Customizing Reports

Page 13

Adding Queries to Reports

2. In the New Report window, enter a name for the report.

3. In the Report Period list, select the time period. Data from this period is collected when the report
generates.
4. Decide if this report is to be based on an existing document:

Create a report using an existing document. - Select use the following document as template.
Browse to the document. If you want to select an out-of-the-box template, browse to the
SmartConsole installation folder. The default folder is:
C:\Program Files
(x86)\CheckPoint\SmartConsole\R77.20\PROGRAM\data\ClientGeneratedReports

Create a report on a blank Word document.

5. Add queries to the report ("Adding Queries to Reports" on page 14).
6. Click Save.

Adding Queries to Reports

If you create a new report, you must add queries to the report. (If you do not, there will be no data to show.)
You can also add queries to existing reports, to show different data.

To add queries to reports:

1. In the New Report window or Edit Report window, click Add.
The Add View window opens.

2. In the View Title field, enter the name of the query that will replace placeholder text:

If this report is based on a blank Word document, the title of the query data shows at the end of the
document.

Customizing Reports

Page 14

Editing Queries

If this report is based on an existing document, the text in this field must match, case-sensitive, the
placeholder text. If the placeholder text does not exist in the document, the query output is added to
the end of the document.

3. In the View Type field, define the output type. Valid values:

Image - Query results are output as JPG files. Use for Grid (Events tab in SmartEvent), Pie, or Map.
Define the Image Width and Image Height in pixels.

Data - Query results are output as embedded Excel files. Use for Grid or Pie. Define an Excel
workbook. It can be a blank file, or a file with content and formulas. Security Checkup tool puts
collected data on Sheet2. The table or chart shown on the report is on Sheet1.
You can change the data or formulas as required.
You must save the Excel workbook with Sheet1 visible.

4. In the Query field, click the browse button. Select a query to collect data. You can create a new
query if necessary.
5. Click Save.

Editing Queries
You can change a query that you made, or a query that is predefined.

To edit a query:
1. In the Report Generator View window, double-click a report.

Customizing Reports

Page 15

Editing Generated Tables and Graphs

2. In the Edit Report window, select a query.

3. Click Edit.

Editing Generated Tables and Graphs

Some of the tables and graphs in the Word document are embedded Microsoft Excel files.

To edit tables and graphs:

1. Double-click the table or graph.
Excel opens. Usually, the Excel file has the table or graph on Sheet1, and the data on the other sheets.
2. To edit the data, open Sheet2 or higher. Change the data there. The table or chart on Sheet1 is
updated automatically.
3. To edit the display of the data, edit table or graph properties on Sheet1.
4. Save the Excel file with Sheet1 visible.
If another sheet is visible when you save and close Excel, the output to the report will be incorrect.
The Report document is updated automatically.

Editing Generated Reports

After Security Checkup tool generates a report, you can edit it. Some data is deliberately left for manually
editing:

Customer details

Report date

PoC duration

Methodology details

Such data, which you must fix before you deliver the report, is marked in red.
If you see unresolved placeholders (text in < > tags):

Delete the placeholders, or

Edit queries to replace the placeholder with data and generate the report again.

Changing the Report Template

The report Word templates are in the SmartConsole installation folders. The templates have placeholder
text. When a report is generated, this text is replaced with the data from the queries. That data is collected,

Customizing Reports

Page 16

Changing the Report Template

analyzed, and manipulated by Security Checkup tool. If you remove or change placeholder text, the
generated data is shown at the end of the report.
Best Practice: Change the template only for localization (translating text that comes from the template) or
formatting (font, color, size). Use the Security Checkup tool editing features to change the data that is
shown.

Customizing Reports

Page 17

Changing the Report Template

Offline Reports
You can generate reports from logs, without interacting with the customer environment. For example, if you
get logs from a customer, you can use the Security Checkup tool to deliver a professional report of the log
data. Offline reports generate queries only of activated Software Blades.

Requirements on your local environment:

Security Management and SmartEvent Server with the latest Security Checkup tool installed. You
will import the network logs to this local environment. There is also a need for SmartEvent and
SmartView Tracker SmartConsole in order to view the logs and events.

CPLogLogSender utility. Can be downloaded from the Check Point Solution Center wiki (for
internal Check Point users) or from Check Point UserCenter. Copy the CPLogLogSender file into
$FWDIR/log directory

To export logs:
1. Open SmartView Tracker, connected to the Security Management Server that has the logs.
2. Click File > Save As.

3. Name the log file.

4. Click OK.
A number of files are created on the Security Management Server, in $FWDIR/log:

yourname.log

yourname.logaccount_ptr

yourname.loginitial_ptr

yourname.logLuuidDB

yourname.logptr
5. Copy all of these files to your computer.
Note: it is recommended to filter FW Blade logs before saving to reduce the log file sizes. FW Blade
logs are not required in order to generate a report.

To clear event history:

If your local SmartEvent has events from unrelated activities, delete event history with these commands on
the server. Skip this only if you import the logs into a clean environment.
cpstop
$CPDIR/database/postgresql/util/PostgreSQLCmd start
$CPDIR/database/postgresql/bin/psql -p 18272 -U cp_postgres
postgres -c "drop database events_db"
$CPDIR/database/postgresql/util/PostgreSQLCmd stop
cpstart

To import logs:
1. On the local Security Management Server, log in and go to $FWDIR/log.
2. Put all the exported files here.
3. Run: chmod 777 CPLogLogSender

Offline Reports

Page 18

Changing the Report Template

4. Run: ./CPLogLogSender -l 200 -i 1 -t -n forever name.log

This can take some time, depending on the number of records the log file contains.
5. Open SmartEvent. Wait until all events are generated.
6. Generate the Security Checkup tool report.

Offline Reports

Page 19

Changing the Report Template

CPLogLogSender Utility
The CPLogLogSender utility simulates traffic captured in the log file. The utility runs the traffic as though it
were live traffic going through the Security Gateway. The Security Gateway logs new events similar to those
in the log files.
To run the utility, you run a script command with required configuration parameters.
Syntax
Parameters

./CPLogLogSender l <log_amount> i <interval> -t n <cycles>

<name>.log
Parameter

Description

l <log_amount>

Number of logs to send in one batch.

Valid value: integer
Note - flag is lower-case L.

i <interval>

Batch delta time, in seconds. Sends a batch of logs every

<interval> seconds.
Valid value: small integer

-t

Ignores the original logs time & date and generate the logs as if
they occur at the time of running the command

n <cycles>

Number of cycles to repeat batch sending.

Recommended value: forever. Runs until all logs are generated.

name

Name of the generated log

Comments
1. Before running the Utility please set the utility privileges by running the following
command:
chmod 777 $FWDIR/log/CPLogLogSender

Example

2. The time it takes to generate the logs depends on the number of log records in the log
file. In the example, if the log file has 100,000 records, it will take 100,000 records /
200 seconds = 500 seconds.
We recommend around 200 logs per second if you use VMware or a slow computer. If you
use a strong computer, you can increase to a higher rate (1,000 - 4,000 or more) to
shorten the process time.
./CPLogLogSender l 200 i 1 t n forever MYLOGS.log

CPLogLogSender Utility

Page 20

Changing the Report Template

Securing Reports
When the report is ready to deliver, make sure it secure from unauthorized changes or access.
1. Save the Word document as PDF.
2. Set the PDF security for opening and for editing.

If you have Adobe Acrobat, set the security options of the Document Properties. We recommend
using Password protection.

If you use a 3rd Party product (such as PrimoPDF) to make the PDF, use the features of that
application to set a password on the PDF.

It is best if you do not edit the PDF after it is made. To change content for audience or purpose, change the
Word document and save it as a new PDF. We recommend that you password protect the Word document
and keep it in secure storage (such as a Check Point GO stick).

Known Issues

Use Security Checkup tool on a default SmartEvent environment. Do not use it on an environment
where the default SmartEvent queries were modified.

Do not use any clipboard options, for example Copy, Cut, and Print Screen

Do not use more than one monitor (screenshots are taken only from main monitor and not the
secondary monitor)

We recommend that you close other applications that are running in the background

Cant log in to SmartEvent after installing the supplement

The Security Checkup supplement must be installed on SmartEvent server that is configured with the default
Overview. If any of the default Overview settings has been manually modified then log in issues might occur
after installing the Security Checkup supplement while trying to connect with the GUI.
If such issues occur, you can restore the default Overview settings by following the below steps using the
command line in expert mode.
Important note: after taking the below steps, all the changes done manually to the SmartEvent Overview
settings will be lost.
1. #cpstop
2. Backing up overview_layout.C and sem_views_collections.C files:
#cp $FWDIR/conf/overview_layout.C $FWDIR/conf/overview_layout.C.bck
#cp $FWDIR/conf/sem_views_collections.C
$FWDIR/conf/sem_views_collections.C.bck
3. Restoring the default overview_layout.C and sem_views_collections.C files:
#cp $FWDIR/conf/defaultDatabase/overview_layout.C $FWDIR/conf/
#cp $FWDIR/conf/defaultDatabase/sem_views_collections.C $FWDIR/conf/
4. Deleting the following files. They will be recreated automatically after cpstart:
#rm $FWDIR/conf/new_scheme.C
#rm $FWDIR/conf/new_tables.C
#rm $FWDIR/conf/CPMILinksMgr.db
5. #cpstart

Securing Reports

Page 21

Changing the Report Template

Generating Reports with SmartEvent Intro

If you run the report on SmartEvent Intro, you must delete empty queries before you generate a report.

1.
2.
3.
4.
5.

Open the Edit Report window of the reports you will use.
Select a section with an empty query.
Click Remove.
Do this for all sections with empty queries.
Click Save.

Generating Reports while SmartEvent Machine is Under

Load
When running Security Checkup report while the SmartEvent machine is receiving new logs (especially
large amount of logs), or while SmartEvents top panes in Overview tab are fetching data, these activities
might have a big impact on performance and therefore might increase the time it takes to generate a
Security Checkup report. In some cases it might even cause the report generation process to halt. Since the
Security Checkup is a PoC tool, it is recommended run while the machine is offline.
Solution: Before generating report, close all statistics panes in SmartEvent GUI Overview tab and manually
stop SmartEvent Correlation unit (the process which correlated all the logs and creates SamrtEvent events).
Here are the steps in details:
1. Before Generating the report
Closing Overviews panes:
In SmartEvent GUI Overview tab manually close all statistics panes

Before

After

Stopping correlation unit:

Known Issues

Page 22

Changing the Report Template

In SmartEvent Server Command Line Interface run the following commands:

evstop
$CPDIR/database/postgresql/util/PostgreSQLCmd stop
evstart
cpwd_admin stop -name CPSEAD
At this point you should see the following output which indicates that the correlation unit is
indeed stopped:
cpwd_admin:
Process CPSEAD terminated
2. Run the report
3. After report is completed run the following command:
In SmartEvent Server Command Line Interface run:
evstart

Microsoft .NET Framework

When generating a report, the following error message is shown:

The error message is shown because it is necessary to install the Microsoft .NET Framework before you
install Microsoft Office.

To resolve the .NET Framework error:

1. Go to http://msdn.microsoft.com/en-us/library/aa159923(v=office.11).aspx
2. Go to the section, Getting the Office 2003 PIAs When Installing .NET Framework 1.1 After Installing
Office 2003.
3. Do the on-screen instructions.

Known Issues

Page 23

Changing the Report Template

Compliance Security Analysis Report

Introduction
The Compliance Security Analysis Report allows the administrator to:
1) Include a Compliance section into the regular Security Checkup report, or
2) Generate a specific report that only includes Compliance

This tool performs a security review based on a library of Check Point Security Best Practices contained
within the Compliance Blade, and summarizes the major Security and Compliance findings.
The report is divided into the following sections:

Security Best Practices Compliance

Regulatory Compliance Summary

Best Practice Compliance by Software Blade

Best Practices Top Findings

Key Benefits
The analysis tool is based on Check Points Security Best Practices defined within the Compliance Software
Blade. The tool allows administrators to gain an insight into potential configuration issues within the
customers Management and Software Blades.

System Requirements
Component

Operating System

Security Checkup tool mechanism can be connected to R75.40 / R75.40VS / SecurePlatform, Gaia
R75.45 / R75.46 / R75.47 / R75.48 / R76 / R77/R77.10/R77.20 Security
Management Server.

Compliance Security Analysis Report

Page 24

Changing the Report Template

Generating Compliance report

The instructions written here are the same whether you are generating the full Security Checkup report with
the Compliance section, or whether you are generating just the Compliance section alone.

Generating the Report on Customer Site

1.

Select the relevant report and click on Generate

2.

A Compliance Blade Data Upload window will open. Under the Management Server settings, enter
in the Server Name or IP address, together with the correct user credentials in order for the report to
connect to the management. Click OK.

3.

The report should appear shortly after.

Compliance Security Analysis Report

Page 25

Changing the Report Template

Generating the Report Offsite

1.

While onsite at the customer premises, click on Export in order to export the Compliance Blade
data to a file.

2.

In the Compliance Blade Data Export window, enter in the Server Name or IP address, together with
the correct user credentials. Click Browse to specify the target location for the Compliance data file.
The file needs to be saved to your local machine. Click OK.

Compliance Security Analysis Report

Page 26

Changing the Report Template

4. From your offsite location, select Generate to create the Security Checkup report:

4.

Under the Data File settings, select Browse and specify the location of the Compliance Data File
that you previously generated. Click OK.

5.

The report should appear shortly after.

Compliance Security Analysis Report

Page 27

Changing the Report Template

Endpoint Security Analysis Report

Introduction
The Endpoint Security analysis tool allows administrator to evaluate computers and get an immediate report
describing the current security state of the computer. The report checks for known security vulnerabilities
and potential risks.
The report divides the risk in to 3 main categories:
1. Data loss the risk of data leaking from the organization.
2. Unauthorized access unauthorized parties accessing company resources or sensitive information.
3. Threats known threats that can cause security vulnerabilities such as lack or Anti-malware
software and malicious applications.

Endpoint report GUI

Key Benefits
The analysis tool was based on Check Points best security practice for Endpoints. The tool allows
administrators to have a real look on the standard of security in their organization and take actions based on
security vulnerabilities.

System Requirements
Component

Operating System

Endpoint Security Analysis Report .msi tool

Microsoft Windows 7, XP

Note - Not supported on computer that have Check Points Endpoint Security client installed

Installation
Step by step work through:
1.

Export the client from Smart Event report dialog

2.

Select a location to save the MSI file

3.

Move the MSI file to the computer you want to analyses

4.

Double click the MSI and install

5.

The report should appear shortly after the installation completes

Troubleshooting
If the report did not appear after several minutes after the installation
1.

Right click the tool tray icon.

2.

Click Display overview

3.

On the left hand side under tools click Generate report

Endpoint Security Analysis Report

Page 28

Changing the Report Template

Generating a report
1.

Right click the tool tray icon.

2.

Click Display overview

3.

On the left hand side under tools click Generate report

Exporting the report

To export the report as PDF: In the report on the top left hand side of the report click Export to PDF
To export the report as row data: In the report on the top left hand side of the report click Export data

Endpoint Security Analysis Report

Page 29