You want to implement an automated closed-loop remediation solution that detects missing patches in your environment, automatically installs the missing patches, verifies the installed patches and thereby ensures the expected complinace posture of your IT environment.
Control Compliance Suite (CCS) 11.5.2 provides automated closed-loop remediation that lets you identify the assets that are non-compliant or require patch management. Control Compliance Suite integrates with the ticketing system ServiceNow, which in turn integrates with IT Management Suite - Symantec's own patch deployment tool to complete the workflow and provide an end-to-end remediation solution.
The closed-loop remediation workflow includes the following high-level steps:
CCS collects and evaluates data by scanning the assets. Based on the collected data and remediation settings, it logs tickets in the ticketing system.
The ticketing system integrates with the patch deployment tool for remediation.It also monitors and displays the status of the tickets appropriately.
CCS continuously monitors and displays the current status of the tickets
The Patch Deployment tool deploys the patches or security updates on the assets to fix the non-compliance issues.
CCS monitors the ticket status and once the status changes to Resolved, it triggers a Remediation Verification job. The job scans the assets to confirm that the patches are applied.
For detailed instructions about using the automated closed-loop remediation feature, refer to the attached document.