Modern Inventory Collection for Security Posture and Browser Extensions
search cancel

Modern Inventory Collection for Security Posture and Browser Extensions

book

Article ID: 421551

calendar_today

Updated On:

Products

IT Management Suite Inventory Solution

Issue/Introduction

You have upgraded to ITMS 8.8 and are attempting to use the new security-focused inventory features, but the resulting reports are empty, or the data appears missing in the Computer Inventory View. Specifically, they cannot find information regarding:

  1. Installed Browser Extensions (for Chrome, Edge, and Firefox).

  2. Windows Security Posture Data (e.g., Firewall Status, Antivirus Status, Credential Guard status).

The Symantec Management Agent (SMA) is communicating, but the specific, new inventory data classes are not being populated in the CMDB.

Environment

ITMS 8.8
Inventory Solution 8.8

Cause

The Inventory Solution agent (plugin) on the client endpoints is responsible for collecting the new security-related data. The primary cause of missing data is that the new inventory data classes are not enabled by default in the existing, assigned Inventory Policies or tasks. To resolve this, the administrator must explicitly enable the new SW Browser Extensions and SW Security Data data classes within the active Inventory Policy. Once enabled and collected, the data is available in new, dedicated reports and the updated Computer Inventory View.

Resolution

ITMS 8.8 Release has introduced functionality that should enhance the Inventory Solution experience.

New Inventory Solution Features
Feature
Description
Display Custom Inventory Data in Computer View
The Computer Inventory View View now includes a flipbook to display data from custom data classes. The data from each custom data class is displayed on a separate tab.
Windows Security Data Inventory
 The inventory agent collects key security details from Windows devices. Collected data includes the status (enabled/disabled) of installed antivirus software, firewall, Credential Guard (running/not running/disabled), and the USB Autorun setting. This information is stored in the new 
SW Security Data
 data class and is also available in dedicated report titled 
Windows Computers Security Information.
Windows Browser Extensions Inventory
 The inventory agent now collects detailed information about installed browser extensions from Microsoft Edge, Google Chrome, and Mozilla Firefox on Windows computers. Data includes extension ID, status (enabled/disabled), permissions, associated browser profile, and the user who installed it. This information is stored in the new 
SW Browser Extensions
 data class and is also available in dedicated reports: 
Count of Browser Extensions by Browser and Computer
 and 
Installed Browser Extensions.
Microsoft SQL Server inventory enhancements
 SQL inventory Enhancements added in this release:
Added collection of Microsoft SQL Linked Servers - data is stored in the new 
MS SQL Linked Servers
 data class.
Added collection of Microsoft SQL Server logins - data is stored in the new 
MS SQL Server Logins
data class.
For more information, See KB 397027



Follow these steps to verify or enable the new security inventory classes, verify data collection, and access the resulting reports.

Step 1: Enabling New Inventory Data Classes in the Policies

Note that the new data classes are a part of the Hardware Inventory set of data classes.

  1. On the SMP Console, navigate to Manage>Policies

  2. Expand Discovery and Inventory > Inventory > desired policies (Full and Delta Hardware policies for the default policies)

  3. Open the Inventory Policy (e.g., Collect Full Inventory or Collect Delta Hardware Inventory).

  4. Click the Advanced button..

  5. In the Data Classes tab navigate to Inventory data classes > Software > Windows

  6. Locate the following new data classes under Inventory data classes > Software > Windows:

    • Browser Extensions

    • Security Data

  7. Check the box next to both of these data classes.

  8. Click Save changes at the bottom of the policy.

 

Note: For the SMA (Symantec Management Agent or Altiris Agent) to pick up this change, the agent may need to receive a new configuration policy. Allow time for the SMA to process the change and initiate the next  Inventory cycle, which will include the new data.


Step 2: Accessing and Interpreting the New Reports

Once the data is in the CMDB, you can view it via dedicated reports or the Computer Inventory View.

A. Viewing Enhanced Security Posture Data

  1. On the SMP Console, navigate to Reports > All Reports > Discovery and Inventory > Inventory > Windows > Software/Applications.

  2. Run the report titled Windows Computers Security Information.

    • Interpretation: This report directly displays the status of Antivirus, Firewall, Credential Guard, and USB Autorun for all targeted Windows endpoints. Use this to quickly identify resources with disabled security features.

B. Viewing Browser Extension Inventory

  1. On the SMP Console, navigate to Reports > All Reports > Discovery and Inventory > Inventory > Windows > Software/Applications > Browser Extensions.

  2. Run the Installed Browser Extensions report.

    • Interpretation: This shows the Extension ID, Status (Enabled/Disabled), Permissions, and associated Browser Profile for extensions installed on Chrome, Edge, and Firefox.
      This is critical for security teams to track unauthorized or high-risk extensions.

C. Viewing Data in Computer Inventory View (Resource Manager)

ITMS 8.8 now adds new flipbooks/tabs to the Computer View for this data.

  1. On the SMP Console, navigate to Manage > Computers.

  2. Select a specific computer and right-click > select Resource Manager.

  3. Click View > Inventory in the menu bar.

  4. In the center pane, navigate to Data Classes > Inventory > Software and review the data classes for Browser Extensions and Security Data.

    • Validation: Confirm that these data classes are now populated with the details collected in Step 2.

Powered by Wolken Software