Hello All,
I hope everyone is doing fine.
I have about 200 hosts and I created a fingerprint for each of those hosts. Now, every month, I deactivate system lockdown to enable the vendor patches and then I reconfigure the fingerprint lists for each of the hosts to keep up with the changes.
1. Do I need to delete the previous fingerprint list and recalculate a new fingerprint list for each of the hosts?
2. Can i enable some sort of "trusted installer" so that I do not have to disable system lockdown and allow vendor patching to update the hosts withouth any interuption? AND if so, does the fingerprint list for that host gets updated with the recent vendor updates?
Any feedback is greatly appreciated!
Thanks!