Home
  •  

Security for Removable Media (secRMM) Library

Squadra.secRMM :: 9.9.0.0 (Management Pack)

secRMM is a security product from Squadra Technologies which monitors and controls all 'Removable Media' activities in your data centers. Removable Media in this context is any USB removable storage device, removable external hard drives, smart phones, etc. This Operations Manager Management Pack will collect the secRMM events and create Operations Manager alerts.

Summary

This management pack incorporates the secRMM product from Squadra Technologies into Microsoft Operations Manager. secRMM is a product that monitors and controls activity to Removable Media devices. secRMM uses the security event log as well as its own event log to record the Removable Media online, offline and write activity. secRMM also allows the ability to authorize access to Removable Media devices by user(s) and/or by program(s).

External

Squadra Technologies web site

Management Pack Elements

Classes (1)

 DisplayNameIDBase ClassAbstractHostedSingletonGroupExtensionAccessibility
Squadra.secRMM.EventsecRMMSquadra.secRMM.EventMicrosoft.Windows.LocalApplicationFalseTrueFalseFalseFalseInternal

Categories (2)

 IDTarget
Cat.Squadra.secRMM.ConsoleTask.SafeCopyApprover.AlertCat.Squadra.secRMM.ConsoleTask.SafeCopyApprover.AlertSquadra.secRMM.ConsoleTask.SafeCopyApprover.Alert
Cat.Squadra.secRMM.ConsoleTask.SafeCopyApprover.ComputerCat.Squadra.secRMM.ConsoleTask.SafeCopyApprover.ComputerSquadra.secRMM.ConsoleTask.SafeCopyApprover.Computer

Discoveries (1)

 DisplayNameIDTargetEnabled
Squadra.secRMM.Event.DiscoverysecRMMEvent DiscoverySquadra.secRMM.Event.DiscoveryMicrosoft.Windows.ComputerTrue

Unit Monitors (1)

 DisplayNameIDTargetCategoryEnabledAlert GenerateAccessibility
Squadra.secRMM.UnitMonitor.WMIWMISquadra.secRMM.UnitMonitor.WMISquadra.secRMM.EventCustomTrueTruePublic

Rules (25)

 DisplayNameIDTargetCategoryEnabledAlert Generate
Squadra.secRMM.AllowBitLockerOnlyEventOnlinesecRMM AllowBitLockerOnlyEventOnlineSquadra.secRMM.AllowBitLockerOnlyEventOnlineSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.AllowBitLockerOnlyEventWritesecRMM AllowBitLockerOnlyEventWriteSquadra.secRMM.AllowBitLockerOnlyEventWriteSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.AllowedDirectoriesAuthorizationFailuresecRMM AllowedDirectoriesAuthorizationFailureSquadra.secRMM.AllowedDirectoriesAuthorizationFailureSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.AllowedFileExtensionsAuthorizationFailuresecRMM AllowedFileExtensionsAuthorizationFailureSquadra.secRMM.AllowedFileExtensionsAuthorizationFailureSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.AllowedInternalIdAuthorizationFailureOnlinesecRMM AllowedInternalIdAuthorizationFailureOnlineSquadra.secRMM.AllowedInternalIdAuthorizationFailureOnlineSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.AllowedInternalIdAuthorizationFailureWritesecRMM AllowedInternalIdAuthorizationFailureWriteSquadra.secRMM.AllowedInternalIdAuthorizationFailureWriteSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.AllowRMSFilesOnlysecRMM AllowRMSFilesOnlySquadra.secRMM.AllowRMSFilesOnlySquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.BlockCdDvdWritesEventOnlinesecRMM BlockCdDvdWritesEventOnlineSquadra.secRMM.BlockCdDvdWritesEventOnlineSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.BlockCdDvdWritesEventWritesecRMM BlockCdDvdWritesEventWriteSquadra.secRMM.BlockCdDvdWritesEventWriteSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.BlockProgramsOnDevicesecRMM BlockProgramsOnDeviceSquadra.secRMM.BlockProgramsOnDeviceSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.ConfigurationChangedsecRMM Configuration ChangedSquadra.secRMM.ConfigurationChangedSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.ExternalsecRMM External MessageSquadra.secRMM.ExternalSquadra.secRMM.EventNotificationTrueTrue
Squadra.secRMM.FileWriteStartsecRMM DeviceFileWriteStartSquadra.secRMM.FileWriteStartSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.FileWrittensecRMM DeviceFileWrittenSquadra.secRMM.FileWrittenSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.InvalidLicensesecRMM InvalidLicenseSquadra.secRMM.InvalidLicenseSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.ProgramAuthorizationFailuresecRMM ProgramAuthorizationFailureSquadra.secRMM.ProgramAuthorizationFailureSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.PropertyChangedsecRMM Property ChangedSquadra.secRMM.PropertyChangedSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.RMMDeviceOfflinesecRMM DeviceOfflineSquadra.secRMM.RMMDeviceOfflineSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.RMMDeviceOnlinesecRMM DeviceOnlineSquadra.secRMM.RMMDeviceOnlineSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.SafeCopyPreApprovalRequestsecRMM SafeCopy PreApprovalSquadra.secRMM.SafeCopyPreApprovalRequestSquadra.secRMM.EventNotificationTrueTrue
Squadra.secRMM.SerialNumberAuthorizationFailureOnlinesecRMM SerialNumberAuthorizationFailureOnlineSquadra.secRMM.SerialNumberAuthorizationFailureOnlineSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.SerialNumberAuthorizationFailureWritesecRMM SerialNumberAuthorizationFailureWriteSquadra.secRMM.SerialNumberAuthorizationFailureWriteSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.UnknownSourceFailuresecRMM UnknownSourceFailureSquadra.secRMM.UnknownSourceFailureSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.UserAuthorizationFailureOnlinesecRMM UserAuthorizationFailureOnlineSquadra.secRMM.UserAuthorizationFailureOnlineSquadra.secRMM.EventAlertTrueTrue
Squadra.secRMM.UserAuthorizationFailureWritesecRMM UserAuthorizationFailureWriteSquadra.secRMM.UserAuthorizationFailureWriteSquadra.secRMM.EventAlertTrueTrue

Agent Tasks (6)

 DisplayNameIDTargetAccessibilityCategoryEnabled
Squadra.secRMM.AuthorizeInternalIdsAuthorize Internal IdsSquadra.secRMM.AuthorizeInternalIdsSquadra.secRMM.EventInternalSecurityHealthTrue
Squadra.secRMM.AuthorizeProgramsAuthorize ProgramsSquadra.secRMM.AuthorizeProgramsSquadra.secRMM.EventInternalSecurityHealthTrue
Squadra.secRMM.AuthorizeSerialNumbersAuthorize Serial NumbersSquadra.secRMM.AuthorizeSerialNumbersSquadra.secRMM.EventInternalSecurityHealthTrue
Squadra.secRMM.AuthorizeUsersAuthorize UsersSquadra.secRMM.AuthorizeUsersSquadra.secRMM.EventInternalSecurityHealthTrue
Squadra.secRMM.LockdownModesecRMM Lockdown modeSquadra.secRMM.LockdownModeSquadra.secRMM.EventInternalSecurityHealthTrue
Squadra.secRMM.MonitoringModesecRMM Monitoring modeSquadra.secRMM.MonitoringModeSquadra.secRMM.EventInternalSecurityHealthTrue

Console Tasks (2)

 DisplayNameIDTargetAccessibilityEnabled
Squadra.secRMM.ConsoleTask.SafeCopyApprover.AlertsecRMM SafeCopy ApproverSquadra.secRMM.ConsoleTask.SafeCopyApprover.AlertSquadra.secRMM.EventPublicTrue
Squadra.secRMM.ConsoleTask.SafeCopyApprover.ComputersecRMM SafeCopy ApproverSquadra.secRMM.ConsoleTask.SafeCopyApprover.ComputerMicrosoft.Windows.ComputerPublicTrue

Folder Items (1)

 DisplayNameIDFolderNameElementID
Squadra.secRMM.AlertViewRemovable Media AlertsSquadra.secRMM.AlertViewMicrosoft.SystemCenter.NTServiceAndProcessMonitoring.ViewFolder.RootSquadra.secRMM.AlertView

Views (1)

 DisplayNameIDTargetTypeAccessibilityVisible
Squadra.secRMM.AlertViewRemovable Media AlertsSquadra.secRMM.AlertViewSquadra.secRMM.EventMicrosoft.SystemCenter.AlertViewTypeInternalTrue