Compatibility Questionnaire: KACE (KBOX IT Management Suite 2.0) — Archive
Important: The OVAL Compatibility Program was moved to "archive" status in December 2009, and replaced with the "OVAL Adoption Program." Under the OVAL Adoption Program, product validation is performed by an external organization, allowing the OVAL Team to focus on educating vendors on best practices regarding the use and implementation of OVAL and on how OVAL can continue to evolve as needed by the community.
Refer to the OVAL Adoption Program section for additional information and to review all products and services listed.
Organizational Information
Name of Your Organization:
Web Site:
Product Information
Product/Service Name:
Compatible Categories:
OVAL Definition Consumer
Product/Service Home Page:
Product Accessibility
The KBOX IT Management Suite by KACE is a secure server appliance that automates routine and complex IT maintenance tasks improving IT productivity and security. Included in the KBOX IT Management Suite is the KBOX Security Enforcement and Audit Module which provides vulnerability auditing through seamlessly integrating OVAL tests and reporting on the outcomes at both the individual node and aggregate network levels. KBOX IT Management Suite is also searchable by OVAL-ID. In addition, security policies can be set and enforced through automatic remediation and, if necessary, node quarantine to prevent security breaches and/or network infections.
The KBOX is available through authorized KACE partners and directly from KACE. For more information, see http://www.kace.com or call (888) 522-3638.
Schema Currency Indication
KBOX contacts kace.com nightly for updates to the OVAL Definition and engine files. These files are downloaded and processed by each deployed KBOX appliance. Any changes are pushed out automatically to the client nodes.
The first page viewed when logging into the Admin UI is a summary of the current status of the KBOX. Included on this page is the OVAL Schema information including:
- Last successful download
- Total OVAL tests
- OVAL schema version
- OVAL schema timestamp
The following screen shot shows what this summary looks like on the KBOX:
Schema Currency Update Approach
KACE monitors the OVAL website for updated OVAL content on a daily basis. This information is then processed and reviewed by our internal security teams before being released for automatic retrieval by the KBOX appliance. The changes can contain both updates to the definition files as well as to the core evaluation engine. These can be updated as frequently as necessary to support future changes in the data definitions and capabilities.
Platform and Definition Type Support
Approach for Correction of Errors
Compatibility Documentation
From the Administrator's Guide to KBOX 2.1 manual, Chapter 3, Security Module Overview:
The KBOX Security Enforcement and Audit Module uses Open Vulnerability and Assessment Language (OVAL), an internationally recognized standard for detecting security vulnerabilities and configuration issues on computer systems. OVAL is compatible with the Common Vulnerabilities and Exposures (CVE) list, which provides common names used to describe known vulnerabilities and exposures.
The ability to describe vulnerabilities and exposures in a common language makes it easier to share security data with other CVE-compatible databases and tools.
About OVAL and CVE
OVAL relies on definitions submitted by members of the security community on the Community Forum, by MITRE Corporation, or by the OVAL Board, to detect vulnerabilities on your network. OVAL uses the vulnerabilities on the CVE List as the basis for most of its definitions. CVE content is determined by the CVE Editorial Board, which is composed of experts from the international information security community.
Any new information about a vulnerability that is uncovered as a result of discussions on the Community Forum is sent to the CVE Initiative for possible addition to the list. For more information about CVE visit http://cve.mitre.org.
OVAL definitions pass through a series of phases before being released. Depending on where a definition is in this process, it will likely be assigned a status of DRAFT, INTERIM, or ACCEPTED. Other possible values for status are Initial Submission and Deprecated. For more information about the stages of OVAL definitions, visit http://oval.mitre.org/about/stages.html.
Documentation of Finding Elements Using OVAL
From the Administrator's Guide to KBOX 2.1 manual, Chapter 3, OVAL Tests:
OVAL Tests
KBOX checks nightly for updates to the list of available OVAL definitions. Definitions are displayed on the OVAL Tests tab, along with their associated OVAL ID and CVE Number. Search for a specific OVAL test by operating system, vulnerability, or by OVAL ID or CVE Number.
To view the list of OVAL definitions, click the Security button, then select the OVAL Tests tab.
Documentation of Finding Results Information from Elements
From the Administrator's Guide to KBOX 2.1 manual, Chapter 3, OVAL Reports:
OVAL Reports
The OVAL Reports tab displays a list of all of the OVAL Tests that have been run. At a glance, you can see which OVAL Tests failed and the number of computers that failed each OVAL test.
From the test detail view, you can see all of the computers that failed that OVAL Test and you can assign a label to those machines so that you can patch them at a later time.
Documentation Indexing of OVAL-Related Material
The Administrator's Guide to KBOX 2.1, Chapter 3 contains information on OVAL and the use of OVAL within the KBOX. This guide is available to all KBOX customers electronically. In addition, there are context-sensitive descriptions within the KBOX.
OVAL Definition Consumer
Configuration and Software Usage Explanation
OVAL Definition Information Process Explanation
OVAL-ID Output and Searchable
Finding Elements Using OVAL-ID
The KBOX user interface is extremely intuitive. To view the list of OVAL definitions, click the Security button at the top of the UI, then select the OVAL Tests tab. The following image describes the OVAL Test tab contents:
Finding OVAL-ID Using Elements in Reports
The KBOX user interface is extremely intuitive. To view the list of OVAL definitions, click the Security button at the top of the UI, then select the OVAL Tests tab. The following image describes the OVAL Test tab contents:
By clicking on an individual test description, you can see detailed information regarding that specific OVAL test including which machines on your network have failed the test.
Questions for Signature
Statement of Compatibility
Have an authorized individual sign and date the following Compatibility Statement (required):
"As an authorized representative of my organization I agree that we will abide by all of the mandatory Compatibility Requirements as well as all of the additional mandatory Compatibility Requirements that are appropriate for our specific type of capability."
Name: David Kloba
Title: VP Engineering
Statement of Accuracy
Have an authorized individual sign and date the following accuracy Statement (recommended):
"As an authorized representative of my organization and to the best of my knowledge, there are no errors in the correctness of our capability's use of OVAL schema and logic."
Name: David Kloba
Title: VP Engineering
Statement on Follow-on Testing Activity Support
Have an authorized individual sign and date the following statement about your organization's willingness to support correctness testing of other capabilities, which will be managed by the Reviewing Authority and kept to reasonable levels of effort for all involved (required):
"As an authorized representative of my organization, we agree to support the Reviewing Authority in follow-on testing activities, where appropriate types of files will be exchanged with other organizations attempting to prove the correctness of their capabilities."
Name: David Kloba
Title: VP Engineering
Page Last Updated: December 17, 2009