Effective work is impossible without automation, but there is no need to go overboard.
Modern business is filled with examples of companies striving for total automation of "everything" and spending large amounts of money on systems design, only to discover that the results are so complex and hard to control that management efficiency actually decreases. Fortunately, we are not talking about global automation here. We are only concerned with automating network-security audits, an entirely realistic goal. In fact, MaxPatrol has already achieved it through a division of labor whereby routine and difficult tasks are performed by the program, while decision-making is left to the specialists.
If we consider the automation of MaxPatrol on the whole, we see that after configuring the program initially for a specific network (or networks), the specialist need only be available to receive and interpret vulnerability reports (by e-mail or otherwise). Setting changes are required only with changes to the network, itself, or to the company's security policy.
All of this looks good on paper, but the best part is that actually doing it is not that much harder. The only critical stage is the preliminary planning, which actually has nothing to do with MaxPatrol's operation. Here, the company specialist must select logical host groups, configure rules (profiles) for them, schedule scans, and decide which people are authorized to receive which audit reports.
After that, he creates the required Jobs in MaxPatrol, and uses the MaxPatrol Scheduler utility to assign each Job an automation schedule (its user interface is embedded in the program's main user interface). To accomplish this, the program provides a Wizard that requires only three steps and about one minute per Job.
To minimize personnel time spent on MaxPatrol still further, it can be set to generate and send reports only under certain conditions (when network or segment vulnerability reaches a preconfigured level).
