Third-Party Integration

Software Vulnerability Manager provides you with the capability of publishing packages using third-party patch deployment solutions, for example Altiris. To support this feature, Flexera has enhanced the package export feature. The exported xml file contains additional information that can be helpful in creating packages in other tools, including:

The version numbers
The executable itself
The vulnerability/criticality

Flexera has retained the simplicity of the xml file by giving you the options to exclude large binary files and applicability paths from the file, in the form of check boxes in the package creation wizard. To perform a complete export, clear the Do not include package files check box during Step 4 of the SPS Package Creation Wizard.

In order for Software Vulnerability Manager to integrate with other patch deployment solutions, you need to create a configuration file, a script file and an applicability check script file:

Configuration file. The configuration file is actually a representative of the tool and a visual integration between Software Vulnerability Manager and that tool. The file is an xml file that should contain the tool name, script name and the input/setting fields required to configure the settings for the tool (text fields, radio buttons and check boxes are supported). When Software Vulnerability Manager is launched it checks for the presence of any configuration file and, if there is a valid configuration file in the Extensions folder in the Software Vulnerability Manager path, it dynamically loads a GUI under the Patching menu of Software Vulnerability Manager. The configuration file also acts as an input file for the script.
Script file. This script file corresponds to the SDK that the user has created to create and dispatch the package in the respective tool. The script file can be an executable, Java, VB, Python, or Perl script. Click Publish to execute the script file.
Applicability Check script file. This script file runs the sps.exe on the computer if the applicability checks are cleared. This file is published together with the package to establish if the package is applicable to the system or not.

Important:Running the script is a very strong feature. Use caution and ensure the sanity of the script file before publishing.